Action not permitted
Modal body text goes here.
cve-2017-7561
Vulnerability from cvelistv5
Published
2017-09-13 17:00
Modified
2024-09-16 22:35
Severity ?
EPSS score ?
Summary
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Red Hat, Inc. | resteasy |
Version: 3.0.7 through before 4.0.0Beta1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:04:12.046Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:0479", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "name": "RHSA-2018:0481", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "name": "100465", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/100465" }, { "name": "RHSA-2018:0002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "name": "RHSA-2018:0004", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "name": "RHSA-2018:0003", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "name": "RHSA-2018:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "name": "RHSA-2018:0005", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://issues.jboss.org/browse/RESTEASY-1704" }, { "name": "RHSA-2018:0478", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "resteasy", "vendor": "Red Hat, Inc.", "versions": [ { "status": "affected", "version": "3.0.7 through before 4.0.0Beta1" } ] } ], "datePublic": "2017-08-22T00:00:00", "descriptions": [ { "lang": "en", "value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-346", "description": "CWE-346", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-03-13T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2018:0479", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "name": "RHSA-2018:0481", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "name": "100465", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/100465" }, { "name": "RHSA-2018:0002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "name": "RHSA-2018:0004", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "name": "RHSA-2018:0003", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "name": "RHSA-2018:0480", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "name": "RHSA-2018:0005", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "tags": [ "x_refsource_MISC" ], "url": "https://issues.jboss.org/browse/RESTEASY-1704" }, { "name": "RHSA-2018:0478", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "DATE_PUBLIC": "2017-08-22T00:00:00", "ID": "CVE-2017-7561", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "resteasy", "version": { "version_data": [ { "version_value": "3.0.7 through before 4.0.0Beta1" } ] } } ] }, "vendor_name": "Red Hat, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-346" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:0479", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "name": "RHSA-2018:0481", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "name": "100465", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100465" }, { "name": "RHSA-2018:0002", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "name": "RHSA-2018:0004", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "name": "RHSA-2018:0003", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "name": "RHSA-2018:0480", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "name": "RHSA-2018:0005", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "name": "https://issues.jboss.org/browse/RESTEASY-1704", "refsource": "MISC", "url": "https://issues.jboss.org/browse/RESTEASY-1704" }, { "name": "RHSA-2018:0478", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7561", "datePublished": "2017-09-13T17:00:00Z", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2024-09-16T22:35:06.807Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2017-7561\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2017-09-13T17:29:00.947\",\"lastModified\":\"2024-11-21T03:32:10.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.\"},{\"lang\":\"es\",\"value\":\"Red Hat JBoss EAP en su versi\u00f3n 3.0.7 hasta antes de la versi\u00f3n 4.0.0.Beta1 es vulnerable a un envenenamiento de la cach\u00e9 por parte del servidor o a peticiones CORS en el componente JAX-RS, resultando en un impacto moderado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-346\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25033CDC-E3CA-47D6-B1BB-6838D9DCAF8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D7CB4CB-4143-4FC1-970C-D102BA119B38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F498215-6D52-4F74-A8ED-D151DA1E09E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCEB4E47-CE89-437D-BA89-4FC163F6BDE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8683E0-C5FF-4D6A-8079-08E822733B41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"926A7B4B-54B3-4E58-A66E-1DBD6246F657\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDF85FD4-6231-4554-AF41-D3EEA2D56466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5C8C145-1E87-44FA-881E-7EF9F737AF50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AED9028C-999D-4658-91FD-9083E822CADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94E9BAD1-3484-4758-A3FC-D42F963A5A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E65D0A95-B2C2-4708-B0FB-8D3100FD522B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04F3E403-66B7-4E23-9B9D-E6BB2F7D56C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BC3A3D4-CB51-40AA-9267-5D723DC71421\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"431D16DC-F569-4CA9-8BF2-9CB7E3D2856D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/100465\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0002\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0003\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0004\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0005\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0478\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0479\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0480\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0481\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://issues.jboss.org/browse/RESTEASY-1704\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/100465\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0478\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0480\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0481\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.jboss.org/browse/RESTEASY-1704\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}" } }
rhsa-2018_0480
Vulnerability from csaf_redhat
Published
2018-03-12 17:03
Modified
2024-11-22 10:33
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.1 for RHEL 7
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.1.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)
* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)
* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)
* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)
* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)\n\n* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0480", "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html/installation_guide/" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "external", "summary": "JBEAP-7532", "url": "https://issues.redhat.com/browse/JBEAP-7532" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0480.json" } ], "title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.1 for RHEL 7", "tracking": { "current_release_date": "2024-11-22T10:33:24+00:00", "generator": { "date": "2024-11-22T10:33:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0480", "initial_release_date": "2018-03-12T17:03:31+00:00", "revision_history": [ { "date": "2018-03-12T17:03:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-03-12T17:03:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T10:33:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.3-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.009-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "product_id": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.2.13-6.SP5_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.8-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.13-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.9-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.11-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.1.10-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.1.8-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.8.11-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.8.11-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.8.11-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.8.11-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.8.11-1.redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.9-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.12-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "product_id": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "product_id": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-4.SP2_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "product": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "product_id": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@8.2.9-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "product": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "product_id": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.1-3.GA_redhat_2.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "product": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "product_id": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.1-4.GA_redhat_2.1.ep7.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.3-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@1.5.5.009-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.2.13-6.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.5.31-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.13-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.13-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.13-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.13-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.9-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.1.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-policy@2.1.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.1.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.1.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-bindings@2.1.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.1.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.1.10-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.1.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.8.11-1.redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.1.12-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.12-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.1.12-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.1.12-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.1.12-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-infinispan@5.1.12-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-10.SP9_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-4.SP2_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_id": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.3-6.Final_redhat_6.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@8.2.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@8.2.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-commons@8.2.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-core@8.2.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@8.2.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@8.2.9-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "product_id": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.1-3.GA_redhat_2.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "product_id": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.1.1-4.GA_redhat_2.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "product_id": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.1-4.GA_redhat_2.1.ep7.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src" }, "product_reference": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src" }, "product_reference": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src" }, "product_reference": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Masafumi Miura" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12174", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1498378" } ], "notes": [ { "category": "description", "text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.", "title": "Vulnerability description" }, { "category": "summary", "text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12174" }, { "category": "external", "summary": "RHBZ#1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12174" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174" } ], "release_date": "2018-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery" }, { "acknowledgments": [ { "names": [ "Jan Stourac" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12196", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503055" } ], "notes": [ { "category": "description", "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Client can use bogus uri in Digest authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12196" }, { "category": "external", "summary": "RHBZ#1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196" } ], "release_date": "2018-03-12T15:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: Client can use bogus uri in Digest authentication" }, { "acknowledgments": [ { "names": [ "Man Yue Mo" ], "organization": "Semmle/lgtm.com" } ], "cve": "CVE-2017-15089", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503610" } ], "notes": [ { "category": "description", "text": "It was found that the Hotrod client in Infinispan would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "infinispan: Unsafe deserialization of malicious object injected into data cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15089" }, { "category": "external", "summary": "RHBZ#1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15089", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15089" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089" } ], "release_date": "2018-02-12T15:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "infinispan: Unsafe deserialization of malicious object injected into data cache" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1048", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534343" } ], "notes": [ { "category": "description", "text": "It was found that the AJP connector in undertow does not use the ALLOW_ENCODED_SLASH option and thus allows the slash and anti-slash characters encoded in a URL. This may lead to path traversal and result in the information disclosure of arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1048" }, { "category": "external", "summary": "RHBZ#1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1048", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1048" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048" } ], "release_date": "2018-01-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser" }, { "cve": "CVE-2018-5968", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-01-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1538332" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)", "title": "Vulnerability summary" }, { "category": "other", "text": "JBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advice about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nThis issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellitw 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nRed Hat Subscription Asset Manager version 1 is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having Important security impact and is not currently planned to be addressed in future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5968" }, { "category": "external", "summary": "RHBZ#1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5968", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5968" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968" } ], "release_date": "2018-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:03:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0480" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)" } ] }
rhsa-2018_0479
Vulnerability from csaf_redhat
Published
2018-03-12 17:04
Modified
2024-11-22 10:33
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.1 on RHEL 6
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.1.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)
* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)
* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)
* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)
* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)\n\n* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0479", "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "external", "summary": "JBEAP-7531", "url": "https://issues.redhat.com/browse/JBEAP-7531" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0479.json" } ], "title": "Red Hat Security Advisory: JBoss Enterprise Application Platform 7.1.1 on RHEL 6", "tracking": { "current_release_date": "2024-11-22T10:33:17+00:00", "generator": { "date": "2024-11-22T10:33:17+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0479", "initial_release_date": "2018-03-12T17:04:50+00:00", "revision_history": [ { "date": "2018-03-12T17:04:50+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-03-12T17:04:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T10:33:17+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.3-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.009-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "product_id": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.2.13-6.SP5_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.8-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.13-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.9-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.11-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.1.10-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.1.8-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.8.11-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.8.11-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.8.11-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.8.11-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_id": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.8.11-1.redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.9-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.12-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "product_id": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "product_id": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "product_id": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-4.SP2_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "product": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "product_id": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@8.2.9-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "product": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "product_id": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.1-3.GA_redhat_2.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "product": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "product_id": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.1-4.GA_redhat_2.1.ep7.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.3-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@1.5.5.009-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.2.13-6.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.5.31-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.0.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.13-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.13-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.1.13-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.13-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xml-security@2.0.9-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.1.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-policy@2.1.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.1.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.1.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j@2.1.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-bindings@2.1.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.1.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.1.10-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.1.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-core@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-databind@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.8.11-1.redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.1.12-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.1.12-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.1.12-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.1.12-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.1.12-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-infinispan@5.1.12-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-10.SP9_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.4.18-4.SP2_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.1@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.0.3-6.Final_redhat_6.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan@8.2.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@8.2.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-commons@8.2.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@8.2.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-core@8.2.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@8.2.9-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "product_id": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.1.1-3.GA_redhat_2.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "product_id": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.1.1-4.GA_redhat_2.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "product_id": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.1.1-4.GA_redhat_2.1.ep7.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src" }, "product_reference": "eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src" }, "product_reference": "eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src" }, "product_reference": "eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Masafumi Miura" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12174", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1498378" } ], "notes": [ { "category": "description", "text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.", "title": "Vulnerability description" }, { "category": "summary", "text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12174" }, { "category": "external", "summary": "RHBZ#1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12174" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174" } ], "release_date": "2018-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery" }, { "acknowledgments": [ { "names": [ "Jan Stourac" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12196", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503055" } ], "notes": [ { "category": "description", "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Client can use bogus uri in Digest authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12196" }, { "category": "external", "summary": "RHBZ#1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196" } ], "release_date": "2018-03-12T15:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: Client can use bogus uri in Digest authentication" }, { "acknowledgments": [ { "names": [ "Man Yue Mo" ], "organization": "Semmle/lgtm.com" } ], "cve": "CVE-2017-15089", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503610" } ], "notes": [ { "category": "description", "text": "It was found that the Hotrod client in Infinispan would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "infinispan: Unsafe deserialization of malicious object injected into data cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15089" }, { "category": "external", "summary": "RHBZ#1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15089", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15089" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089" } ], "release_date": "2018-02-12T15:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "infinispan: Unsafe deserialization of malicious object injected into data cache" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1048", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534343" } ], "notes": [ { "category": "description", "text": "It was found that the AJP connector in undertow does not use the ALLOW_ENCODED_SLASH option and thus allows the slash and anti-slash characters encoded in a URL. This may lead to path traversal and result in the information disclosure of arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1048" }, { "category": "external", "summary": "RHBZ#1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1048", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1048" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048" } ], "release_date": "2018-01-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser" }, { "cve": "CVE-2018-5968", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-01-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1538332" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)", "title": "Vulnerability summary" }, { "category": "other", "text": "JBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advice about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nThis issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellitw 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nRed Hat Subscription Asset Manager version 1 is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having Important security impact and is not currently planned to be addressed in future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5968" }, { "category": "external", "summary": "RHBZ#1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5968", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5968" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968" } ], "release_date": "2018-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:04:50+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-0:1.5.5.009-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-activemq-artemis-cli-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-commons-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-core-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-dto-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hornetq-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-hqclient-protocol-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jdbc-store-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-client-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-jms-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-journal-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-native-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-ra-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-selector-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-server-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-activemq-artemis-service-extensions-0:1.5.5.009-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-0:3.1.13-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-apache-cxf-rt-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-services-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-apache-cxf-tools-0:3.1.13-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-glassfish-jsf-0:2.2.13-6.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-0:5.1.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-hibernate-core-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-entitymanager-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-envers-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-infinispan-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-hibernate-java8-0:5.1.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-0:8.2.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-jdbc-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-cachestore-remote-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-client-hotrod-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-commons-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-infinispan-core-0:8.2.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-0:1.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-ironjacamar-common-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-common-spi-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-api-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-core-impl-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-deployers-common-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-jdbc-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-ironjacamar-validator-0:1.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-core-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-databind-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-datatype-jdk8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-datatype-jsr310-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-base-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-json-provider-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-jaxrs-providers-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-module-jaxb-annotations-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jackson-modules-java8-0:2.8.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-logmanager-0:2.0.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-0:1.0.3-6.Final_redhat_6.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-server-migration-cli-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-core-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap6.4-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly10.1-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly8.2-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.0-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-server-migration-wildfly9.0-to-eap7.1-0:1.0.3-6.Final_redhat_6.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jbossws-cxf-0:5.1.10-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-0:5.5.31-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-narayana-compensations-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbosstxbridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jbossxts-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-idlj-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-jts-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-api-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-bridge-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-integration-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-restat-util-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-narayana-txframework-0:5.5.31-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-bindings-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-common-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-config-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-federation-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-picketlink-idm-api-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-idm-simple-schema-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-impl-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-picketlink-wildfly8-0:2.5.5-10.SP9_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-0:3.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-resteasy-atom-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-cdi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-client-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-crypto-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jackson2-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxb-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jaxrs-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jettison-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jose-jwt-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-jsapi-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-json-p-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-multipart-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-spring-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-validator-provider-11-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-resteasy-yaml-provider-0:3.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-0:1.4.18-4.SP2_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-undertow-jastow-0:2.0.3-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-0:7.1.1-4.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-elytron-0:1.1.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-http-client-common-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-ejb-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-naming-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-http-transaction-client-0:1.0.9-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wildfly-javadocs-0:7.1.1-3.GA_redhat_2.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wildfly-modules-0:7.1.1-4.GA_redhat_2.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-0:2.1.11-1.redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.1:eap7-wss4j-bindings-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-policy-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-common-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-dom-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-policy-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-wss4j-ws-security-stax-0:2.1.11-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-xml-security-0:2.0.9-1.redhat_1.1.ep7.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)" } ] }
rhsa-2018_0004
Vulnerability from csaf_redhat
Published
2018-01-03 10:31
Modified
2024-11-22 11:17
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 7
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API. (CVE-2017-12629)
* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)
* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)
* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)
* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)
* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)
* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)
Red Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API. (CVE-2017-12629)\n\n* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)\n\n* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)\n\n* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)\n\n* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)\n\n* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)\n\n* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)\n\nRed Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0004", "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/", "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/" }, { "category": "external", "summary": "1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "external", "summary": "JBEAP-12350", "url": "https://issues.redhat.com/browse/JBEAP-12350" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0004.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 7", "tracking": { "current_release_date": "2024-11-22T11:17:04+00:00", "generator": { "date": "2024-11-22T11:17:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0004", "initial_release_date": "2018-01-03T10:31:14+00:00", "revision_history": [ { "date": "2018-01-03T10:31:14+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-01-03T10:31:14+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:17:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "product_id": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "product_id": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "product": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "product_id": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "product": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "product_id": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "product": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "product_id": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "product": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "product_id": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.3.8-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@1.1.0-19.SP24_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.0.16-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.0.16-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-infinispan@5.0.16-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.0.16-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.0.16-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-async-http-servlet-3.0@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.19-7.SP5_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_id": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "product": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "product_id": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "product_id": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.9-4.GA_redhat_3.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "product_id": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "product_id": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src" }, "product_reference": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch" }, "product_reference": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch" }, "product_reference": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src" }, "product_reference": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src" }, "product_reference": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src" }, "product_reference": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Mikhail Egorov" ], "organization": "Odin" } ], "cve": "CVE-2016-6346", "discovery_date": "2016-08-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1372120" } ], "notes": [ { "category": "description", "text": "It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue was fixed in EAP 7.1.0, but was not fixed in 7.0.7\nOn Red Hat Satellite 6.5 this issue is fixed through the candlepin package update (candlepin 2.5.8), which contains a non-vulnerable version of RESTEasy.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6346" }, { "category": "external", "summary": "RHBZ#1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6346", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346" } ], "release_date": "2016-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:31:14+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0004" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7559", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1481665" } ], "notes": [ { "category": "description", "text": "It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7559" }, { "category": "external", "summary": "RHBZ#1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7559", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7559" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:31:14+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0004" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)" }, { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:31:14+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0004" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12165", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490301" } ], "notes": [ { "category": "description", "text": "It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: improper whitespace parsing leading to potential HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12165" }, { "category": "external", "summary": "RHBZ#1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12165", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:31:14+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0004" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: improper whitespace parsing leading to potential HTTP request smuggling" }, { "acknowledgments": [ { "names": [ "Brian Stansberry", "Jeremy Choi" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12167", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2017-09-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1491612" } ], "notes": [ { "category": "description", "text": "It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP-7: Wrong privileges on multiple property files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12167" }, { "category": "external", "summary": "RHBZ#1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12167", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167" } ], "release_date": "2017-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:31:14+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0004" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP-7: Wrong privileges on multiple property files" }, { "cve": "CVE-2017-12189", "discovery_date": "2017-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1499631" } ], "notes": [ { "category": "description", "text": "It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12189" }, { "category": "external", "summary": "RHBZ#1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12189", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189" } ], "release_date": "2018-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:31:14+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0004" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)" }, { "cve": "CVE-2017-12629", "cwe": { "id": "CWE-138", "name": "Improper Neutralization of Special Elements" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501529" } ], "notes": [ { "category": "description", "text": "It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API.", "title": "Vulnerability description" }, { "category": "summary", "text": "Solr: Code execution via entity expansion", "title": "Vulnerability summary" }, { "category": "other", "text": "The following products are not affected by this flaw, as they do not use the vulnerable functionality of either aspect of the issue.\nRed Hat JBoss Enterprise Application Platform 6\nRed Hat JBoss BPM Suite\nRed Hat JBoss BRMS\nRed Hat Enterprise Virtualization Manager\nRed Hat Single Sign-On 7\nRed Hat JBoss Portal Platform 6\n\nRed Hat JBoss Enterprise Application Platform 7 is not affected by this flaw. However, it does ship the vulnerable Lucene class in a dependency to another component. Customers who reuse the lucene-queryparser jar in their applications may be vulnerable to the External Entity Expansion aspect of this flaw. This will be patched in a forthcoming release.\n\nRed Hat JBoss Fuse is not affected by this flaw, as it does not use the vulnerable functionality of either aspect of this flaw. Fuse customers who may be running external Solr servers, while not affected from the Fuse side, are advised to secure their Solr servers as recommended in the mitigation provided.\n\nThe following products ship only the Lucene components relevant to this flaw, and are not vulnerable to the second portion of the vulnerability, the code execution exploit. As such, the impact of this flaw has been determined to be Moderate for these respective products:\nRed Hat JBoss Data Grid 7 \nRed Hat Enterprise Linux 6\nRed Hat Software Collections 2.4\n\nThis issue did not affect the versions of lucene as shipped with Red Hat Enterprise Linux 5.\n\nThis issue does not affect Elasticsearch as shipped in OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12629" }, { "category": "external", "summary": "RHBZ#1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12629", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629", "url": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629" } ], "release_date": "2017-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:31:14+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "category": "workaround", "details": "Until fixes are available, all Solr users are advised to restart their Solr instances with the system parameter `-Ddisable.configEdit=true`. This will disallow any changes to be made to configurations via the Config API. This is a key factor in this vulnerability, since it allows GET requests to add the RunExecutableListener to the config.\n\nThis is sufficient to protect from this type of attack, but means you cannot use the edit capabilities of the Config API until further fixes are in place.", "product_ids": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el7.src", "7Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Solr: Code execution via entity expansion" } ] }
rhsa-2018_0003
Vulnerability from csaf_redhat
Published
2018-01-03 10:20
Modified
2024-11-22 11:17
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API. (CVE-2017-12629)
* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)
* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)
* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)
* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)
* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)
* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)
Red Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API. (CVE-2017-12629)\n\n* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)\n\n* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)\n\n* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)\n\n* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)\n\n* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)\n\n* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)\n\nRed Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0003", "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/", "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/" }, { "category": "external", "summary": "1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0003.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update", "tracking": { "current_release_date": "2024-11-22T11:17:15+00:00", "generator": { "date": "2024-11-22T11:17:15+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0003", "initial_release_date": "2018-01-03T10:20:33+00:00", "revision_history": [ { "date": "2018-01-03T10:20:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-01-03T10:20:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:17:15+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7", "product": { "name": "Red Hat JBoss EAP 7", "product_id": "Red Hat JBoss EAP 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Mikhail Egorov" ], "organization": "Odin" } ], "cve": "CVE-2016-6346", "discovery_date": "2016-08-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1372120" } ], "notes": [ { "category": "description", "text": "It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue was fixed in EAP 7.1.0, but was not fixed in 7.0.7\nOn Red Hat Satellite 6.5 this issue is fixed through the candlepin package update (candlepin 2.5.8), which contains a non-vulnerable version of RESTEasy.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6346" }, { "category": "external", "summary": "RHBZ#1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6346", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346" } ], "release_date": "2016-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:20:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0003" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7559", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1481665" } ], "notes": [ { "category": "description", "text": "It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7559" }, { "category": "external", "summary": "RHBZ#1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7559", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7559" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:20:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0003" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)" }, { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:20:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0003" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12165", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490301" } ], "notes": [ { "category": "description", "text": "It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: improper whitespace parsing leading to potential HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12165" }, { "category": "external", "summary": "RHBZ#1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12165", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:20:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0003" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: improper whitespace parsing leading to potential HTTP request smuggling" }, { "acknowledgments": [ { "names": [ "Brian Stansberry", "Jeremy Choi" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12167", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2017-09-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1491612" } ], "notes": [ { "category": "description", "text": "It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP-7: Wrong privileges on multiple property files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12167" }, { "category": "external", "summary": "RHBZ#1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12167", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167" } ], "release_date": "2017-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:20:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0003" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP-7: Wrong privileges on multiple property files" }, { "cve": "CVE-2017-12189", "discovery_date": "2017-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1499631" } ], "notes": [ { "category": "description", "text": "It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12189" }, { "category": "external", "summary": "RHBZ#1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12189", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189" } ], "release_date": "2018-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:20:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0003" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)" }, { "cve": "CVE-2017-12629", "cwe": { "id": "CWE-138", "name": "Improper Neutralization of Special Elements" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501529" } ], "notes": [ { "category": "description", "text": "It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API.", "title": "Vulnerability description" }, { "category": "summary", "text": "Solr: Code execution via entity expansion", "title": "Vulnerability summary" }, { "category": "other", "text": "The following products are not affected by this flaw, as they do not use the vulnerable functionality of either aspect of the issue.\nRed Hat JBoss Enterprise Application Platform 6\nRed Hat JBoss BPM Suite\nRed Hat JBoss BRMS\nRed Hat Enterprise Virtualization Manager\nRed Hat Single Sign-On 7\nRed Hat JBoss Portal Platform 6\n\nRed Hat JBoss Enterprise Application Platform 7 is not affected by this flaw. However, it does ship the vulnerable Lucene class in a dependency to another component. Customers who reuse the lucene-queryparser jar in their applications may be vulnerable to the External Entity Expansion aspect of this flaw. This will be patched in a forthcoming release.\n\nRed Hat JBoss Fuse is not affected by this flaw, as it does not use the vulnerable functionality of either aspect of this flaw. Fuse customers who may be running external Solr servers, while not affected from the Fuse side, are advised to secure their Solr servers as recommended in the mitigation provided.\n\nThe following products ship only the Lucene components relevant to this flaw, and are not vulnerable to the second portion of the vulnerability, the code execution exploit. As such, the impact of this flaw has been determined to be Moderate for these respective products:\nRed Hat JBoss Data Grid 7 \nRed Hat Enterprise Linux 6\nRed Hat Software Collections 2.4\n\nThis issue did not affect the versions of lucene as shipped with Red Hat Enterprise Linux 5.\n\nThis issue does not affect Elasticsearch as shipped in OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12629" }, { "category": "external", "summary": "RHBZ#1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12629", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629", "url": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629" } ], "release_date": "2017-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:20:33+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "category": "workaround", "details": "Until fixes are available, all Solr users are advised to restart their Solr instances with the system parameter `-Ddisable.configEdit=true`. This will disallow any changes to be made to configurations via the Config API. This is a key factor in this vulnerability, since it allows GET requests to add the RunExecutableListener to the config.\n\nThis is sufficient to protect from this type of attack, but means you cannot use the edit capabilities of the Config API until further fixes are in place.", "product_ids": [ "Red Hat JBoss EAP 7" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Solr: Code execution via entity expansion" } ] }
rhsa-2018_0478
Vulnerability from csaf_redhat
Published
2018-03-12 16:37
Modified
2024-11-22 10:34
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.1 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.1.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)
* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)
* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)
* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)
* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.1.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)\n\n* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0478", "url": "https://access.redhat.com/errata/RHSA-2018:0478" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.1", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.1", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.1" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/", "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0478.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.1 security update", "tracking": { "current_release_date": "2024-11-22T10:34:13+00:00", "generator": { "date": "2024-11-22T10:34:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0478", "initial_release_date": "2018-03-12T16:37:39+00:00", "revision_history": [ { "date": "2018-03-12T16:37:39+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-03-12T16:37:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T10:34:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7", "product": { "name": "Red Hat JBoss EAP 7", "product_id": "Red Hat JBoss EAP 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Masafumi Miura" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12174", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1498378" } ], "notes": [ { "category": "description", "text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.", "title": "Vulnerability description" }, { "category": "summary", "text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12174" }, { "category": "external", "summary": "RHBZ#1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12174" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174" } ], "release_date": "2018-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery" }, { "acknowledgments": [ { "names": [ "Jan Stourac" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12196", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503055" } ], "notes": [ { "category": "description", "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Client can use bogus uri in Digest authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12196" }, { "category": "external", "summary": "RHBZ#1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196" } ], "release_date": "2018-03-12T15:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: Client can use bogus uri in Digest authentication" }, { "acknowledgments": [ { "names": [ "Man Yue Mo" ], "organization": "Semmle/lgtm.com" } ], "cve": "CVE-2017-15089", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503610" } ], "notes": [ { "category": "description", "text": "It was found that the Hotrod client in Infinispan would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "infinispan: Unsafe deserialization of malicious object injected into data cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15089" }, { "category": "external", "summary": "RHBZ#1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15089", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15089" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089" } ], "release_date": "2018-02-12T15:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "infinispan: Unsafe deserialization of malicious object injected into data cache" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "Red Hat JBoss EAP 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1048", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534343" } ], "notes": [ { "category": "description", "text": "It was found that the AJP connector in undertow does not use the ALLOW_ENCODED_SLASH option and thus allows the slash and anti-slash characters encoded in a URL. This may lead to path traversal and result in the information disclosure of arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1048" }, { "category": "external", "summary": "RHBZ#1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1048", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1048" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048" } ], "release_date": "2018-01-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser" }, { "cve": "CVE-2018-5968", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-01-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1538332" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)", "title": "Vulnerability summary" }, { "category": "other", "text": "JBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advice about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nThis issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellitw 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nRed Hat Subscription Asset Manager version 1 is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having Important security impact and is not currently planned to be addressed in future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss EAP 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5968" }, { "category": "external", "summary": "RHBZ#1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5968", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5968" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968" } ], "release_date": "2018-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T16:37:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss EAP 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat JBoss EAP 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)" } ] }
rhsa-2018_0481
Vulnerability from csaf_redhat
Published
2018-03-12 17:31
Modified
2024-11-22 10:33
Summary
Red Hat Security Advisory: jboss-ec2-eap package for EAP 7.1.1
Notes
Topic
An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.1.1 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.1.1 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.1.1
Refer to the JBoss Enterprise Application Platform 7.1 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)
* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)
* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)
* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)
* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.1.1 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.1.1 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.1.1\n\nRefer to the JBoss Enterprise Application Platform 7.1 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* artemis/hornetq: memory exhaustion via UDP and JGroups discovery (CVE-2017-12174)\n\n* infinispan: Unsafe deserialization of malicious object injected into data cache (CVE-2017-15089)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* resteasy: Vary header not added by CORS filter leading to cache poisoning (CVE-2017-7561)\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser (CVE-2018-1048)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0481", "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "external", "summary": "JBEAP-7533", "url": "https://issues.redhat.com/browse/JBEAP-7533" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0481.json" } ], "title": "Red Hat Security Advisory: jboss-ec2-eap package for EAP 7.1.1", "tracking": { "current_release_date": "2024-11-22T10:33:30+00:00", "generator": { "date": "2024-11-22T10:33:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0481", "initial_release_date": "2018-03-12T17:31:33+00:00", "revision_history": [ { "date": "2018-03-12T17:31:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-03-12T17:31:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T10:33:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "product": { "name": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "product_id": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.1.1-3.1.GA_redhat_3.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "product": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "product_id": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.1.1-3.1.GA_redhat_3.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "product": { "name": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "product_id": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.1.1-3.1.GA_redhat_3.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "product": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "product_id": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.1.1-3.1.GA_redhat_3.ep7.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "product": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "product_id": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.1.1-3.1.GA_redhat_3.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "product": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "product_id": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.1.1-3.1.GA_redhat_3.ep7.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch" }, "product_reference": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src" }, "product_reference": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch" }, "product_reference": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" }, "product_reference": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src" }, "product_reference": "eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.1" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" }, "product_reference": "eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.1" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Masafumi Miura" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12174", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-09-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1498378" } ], "notes": [ { "category": "description", "text": "It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.", "title": "Vulnerability description" }, { "category": "summary", "text": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12174" }, { "category": "external", "summary": "RHBZ#1498378", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498378" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12174", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12174" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12174" } ], "release_date": "2018-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "artemis/hornetq: memory exhaustion via UDP and JGroups discovery" }, { "acknowledgments": [ { "names": [ "Jan Stourac" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12196", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503055" } ], "notes": [ { "category": "description", "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Client can use bogus uri in Digest authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12196" }, { "category": "external", "summary": "RHBZ#1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196" } ], "release_date": "2018-03-12T15:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: Client can use bogus uri in Digest authentication" }, { "acknowledgments": [ { "names": [ "Man Yue Mo" ], "organization": "Semmle/lgtm.com" } ], "cve": "CVE-2017-15089", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503610" } ], "notes": [ { "category": "description", "text": "It was found that the Hotrod client in Infinispan would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "infinispan: Unsafe deserialization of malicious object injected into data cache", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15089" }, { "category": "external", "summary": "RHBZ#1503610", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503610" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15089", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15089" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15089" } ], "release_date": "2018-02-12T15:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "infinispan: Unsafe deserialization of malicious object injected into data cache" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-15095", "cwe": { "id": "CWE-184", "name": "Incomplete List of Disallowed Inputs" }, "discovery_date": "2017-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1506612" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-15095" }, { "category": "external", "summary": "RHBZ#1506612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)" }, { "acknowledgments": [ { "names": [ "0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4" ] } ], "cve": "CVE-2017-17485", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2017-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528565" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17485" }, { "category": "external", "summary": "RHBZ#1528565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485" }, { "category": "external", "summary": "https://access.redhat.com/solutions/3442891", "url": "https://access.redhat.com/solutions/3442891" } ], "release_date": "2017-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)" }, { "cve": "CVE-2018-1048", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1534343" } ], "notes": [ { "category": "description", "text": "It was found that the AJP connector in undertow does not use the ALLOW_ENCODED_SLASH option and thus allows the slash and anti-slash characters encoded in a URL. This may lead to path traversal and result in the information disclosure of arbitrary local files.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1048" }, { "category": "external", "summary": "RHBZ#1534343", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534343" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1048", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1048" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1048" } ], "release_date": "2018-01-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser" }, { "cve": "CVE-2018-5968", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-01-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1538332" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)", "title": "Vulnerability summary" }, { "category": "other", "text": "JBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advice about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nThis issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellitw 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nRed Hat Subscription Asset Manager version 1 is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having Important security impact and is not currently planned to be addressed in future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-5968" }, { "category": "external", "summary": "RHBZ#1538332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5968", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5968" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968" } ], "release_date": "2018-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-03-12T17:31:33+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0481" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el6.src", "6Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el6.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-0:7.1.1-3.1.GA_redhat_3.ep7.el7.src", "7Server-JBEAP-7.1:eap7-jboss-ec2-eap-samples-0:7.1.1-3.1.GA_redhat_3.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)" } ] }
rhsa-2018_0002
Vulnerability from csaf_redhat
Published
2018-01-03 10:30
Modified
2024-11-22 11:16
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 6
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API. (CVE-2017-12629)
* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)
* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)
* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)
* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)
* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)
* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)
Red Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.0.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API. (CVE-2017-12629)\n\n* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)\n\n* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)\n\n* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)\n\n* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)\n\n* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)\n\n* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)\n\nRed Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0002", "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/", "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/" }, { "category": "external", "summary": "1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "external", "summary": "JBEAP-12349", "url": "https://issues.redhat.com/browse/JBEAP-12349" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0002.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 6", "tracking": { "current_release_date": "2024-11-22T11:16:59+00:00", "generator": { "date": "2024-11-22T11:16:59+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0002", "initial_release_date": "2018-01-03T10:30:19+00:00", "revision_history": [ { "date": "2018-01-03T10:30:19+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-01-03T10:30:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:16:59+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "product_id": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "product_id": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "product": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "product_id": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "product": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "product_id": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "product": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "product_id": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7.el6?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "product": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "product_id": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.3.8-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@1.1.0-19.SP24_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-async-http-servlet-3.0@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-client@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.0.19-7.SP5_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.0.16-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.0.16-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-infinispan@5.0.16-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-core@5.0.16-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.0.16-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_id": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "product": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "product_id": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "product_id": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.0.9-4.GA_redhat_3.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "product_id": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "product_id": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src" }, "product_reference": "eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch" }, "product_reference": "eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch" }, "product_reference": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src" }, "product_reference": "eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src" }, "product_reference": "eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src" }, "product_reference": "eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Mikhail Egorov" ], "organization": "Odin" } ], "cve": "CVE-2016-6346", "discovery_date": "2016-08-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1372120" } ], "notes": [ { "category": "description", "text": "It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue was fixed in EAP 7.1.0, but was not fixed in 7.0.7\nOn Red Hat Satellite 6.5 this issue is fixed through the candlepin package update (candlepin 2.5.8), which contains a non-vulnerable version of RESTEasy.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6346" }, { "category": "external", "summary": "RHBZ#1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6346", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346" } ], "release_date": "2016-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:30:19+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0002" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7559", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1481665" } ], "notes": [ { "category": "description", "text": "It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7559" }, { "category": "external", "summary": "RHBZ#1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7559", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7559" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:30:19+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0002" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)" }, { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:30:19+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0002" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12165", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490301" } ], "notes": [ { "category": "description", "text": "It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: improper whitespace parsing leading to potential HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12165" }, { "category": "external", "summary": "RHBZ#1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12165", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:30:19+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0002" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: improper whitespace parsing leading to potential HTTP request smuggling" }, { "acknowledgments": [ { "names": [ "Brian Stansberry", "Jeremy Choi" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12167", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2017-09-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1491612" } ], "notes": [ { "category": "description", "text": "It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP-7: Wrong privileges on multiple property files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12167" }, { "category": "external", "summary": "RHBZ#1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12167", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167" } ], "release_date": "2017-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:30:19+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0002" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP-7: Wrong privileges on multiple property files" }, { "cve": "CVE-2017-12189", "discovery_date": "2017-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1499631" } ], "notes": [ { "category": "description", "text": "It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12189" }, { "category": "external", "summary": "RHBZ#1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12189", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189" } ], "release_date": "2018-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:30:19+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0002" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)" }, { "cve": "CVE-2017-12629", "cwe": { "id": "CWE-138", "name": "Improper Neutralization of Special Elements" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501529" } ], "notes": [ { "category": "description", "text": "It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API.", "title": "Vulnerability description" }, { "category": "summary", "text": "Solr: Code execution via entity expansion", "title": "Vulnerability summary" }, { "category": "other", "text": "The following products are not affected by this flaw, as they do not use the vulnerable functionality of either aspect of the issue.\nRed Hat JBoss Enterprise Application Platform 6\nRed Hat JBoss BPM Suite\nRed Hat JBoss BRMS\nRed Hat Enterprise Virtualization Manager\nRed Hat Single Sign-On 7\nRed Hat JBoss Portal Platform 6\n\nRed Hat JBoss Enterprise Application Platform 7 is not affected by this flaw. However, it does ship the vulnerable Lucene class in a dependency to another component. Customers who reuse the lucene-queryparser jar in their applications may be vulnerable to the External Entity Expansion aspect of this flaw. This will be patched in a forthcoming release.\n\nRed Hat JBoss Fuse is not affected by this flaw, as it does not use the vulnerable functionality of either aspect of this flaw. Fuse customers who may be running external Solr servers, while not affected from the Fuse side, are advised to secure their Solr servers as recommended in the mitigation provided.\n\nThe following products ship only the Lucene components relevant to this flaw, and are not vulnerable to the second portion of the vulnerability, the code execution exploit. As such, the impact of this flaw has been determined to be Moderate for these respective products:\nRed Hat JBoss Data Grid 7 \nRed Hat Enterprise Linux 6\nRed Hat Software Collections 2.4\n\nThis issue did not affect the versions of lucene as shipped with Red Hat Enterprise Linux 5.\n\nThis issue does not affect Elasticsearch as shipped in OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12629" }, { "category": "external", "summary": "RHBZ#1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12629", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629", "url": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629" } ], "release_date": "2017-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:30:19+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "category": "workaround", "details": "Until fixes are available, all Solr users are advised to restart their Solr instances with the system parameter `-Ddisable.configEdit=true`. This will disallow any changes to be made to configurations via the Config API. This is a key factor in this vulnerability, since it allows GET requests to add the RunExecutableListener to the config.\n\nThis is sufficient to protect from this type of attack, but means you cannot use the edit capabilities of the Config API until further fixes are in place.", "product_ids": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-activemq-artemis-cli-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-commons-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-core-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-dto-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hornetq-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-hqclient-protocol-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-client-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-jms-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-journal-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-native-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-ra-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-selector-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-server-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-activemq-artemis-service-extensions-0:1.1.0-19.SP24_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-0:5.0.16-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-hibernate-core-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-entitymanager-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-envers-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-infinispan-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-hibernate-java8-0:5.0.16-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-0:1.3.8-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-ironjacamar-common-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-common-spi-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-api-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-core-impl-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-deployers-common-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-jdbc-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-ironjacamar-validator-0:1.3.8-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-remoting-0:4.0.25-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-xnio-base-0:3.4.7-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jgroups-0:3.6.12-1.Final_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-resteasy-async-http-servlet-3.0-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-atom-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-cdi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-client-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-crypto-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jackson2-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxb-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jaxrs-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jettison-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jose-jwt-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-jsapi-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-json-p-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-multipart-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-spring-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-validator-provider-11-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-resteasy-yaml-provider-0:3.0.19-7.SP5_redhat_1.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-undertow-0:1.3.31-3.Final_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-0:7.0.9-4.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-wildfly-javadocs-0:7.0.9-2.GA_redhat_3.1.ep7.el6.src", "6Server-JBEAP-7.0:eap7-wildfly-modules-0:7.0.9-4.GA_redhat_3.1.ep7.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Solr: Code execution via entity expansion" } ] }
rhsa-2018_0005
Vulnerability from csaf_redhat
Published
2018-01-03 10:49
Modified
2024-11-22 11:17
Summary
Red Hat Security Advisory: eap7-jboss-ec2-eap security update
Notes
Topic
An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.9.
Refer to the JBoss Enterprise Application Platform 7.0.9 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr's Config API. (CVE-2017-12629)
* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)
* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)
* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)
* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)
* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)
* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)
Red Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.9.\n\nRefer to the JBoss Enterprise Application Platform 7.0.9 Release Notes, linked to in the References section, for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API. (CVE-2017-12629)\n\n* It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation. (CVE-2017-12189)\n\n* It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack. (CVE-2016-6346)\n\n* It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. (CVE-2017-7559)\n\n* It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. (CVE-2017-7561)\n\n* It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. (CVE-2017-12167)\n\n* It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. (CVE-2017-12165)\n\nRed Hat would like to thank Mikhail Egorov (Odin) for reporting CVE-2016-6346. The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat); the CVE-2017-7561 issue was discovered by Jason Shepherd (Red Hat Product Security); and the CVE-2017-12167 issue was discovered by Brian Stansberry (Red Hat) and Jeremy Choi (Red Hat).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:0005", "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/", "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/installation-guide/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/", "url": "https://access.redhat.com/documentation/en/jboss-enterprise-application-platform/" }, { "category": "external", "summary": "1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "external", "summary": "JBEAP-12351", "url": "https://issues.redhat.com/browse/JBEAP-12351" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0005.json" } ], "title": "Red Hat Security Advisory: eap7-jboss-ec2-eap security update", "tracking": { "current_release_date": "2024-11-22T11:17:10+00:00", "generator": { "date": "2024-11-22T11:17:10+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:0005", "initial_release_date": "2018-01-03T10:49:39+00:00", "revision_history": [ { "date": "2018-01-03T10:49:39+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-01-03T10:49:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T11:17:10+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "product": { "name": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "product_id": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.9-2.GA_redhat_2.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "product": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "product_id": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7.el7?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "product": { "name": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "product_id": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap-samples@7.0.9-2.GA_redhat_2.ep7.el6?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "product": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "product_id": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "product": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "product_id": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7.el7?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "product": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "product_id": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch" }, "product_reference": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src" }, "product_reference": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server", "product_id": "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch" }, "product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" }, "product_reference": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src" }, "product_reference": "eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "relates_to_product_reference": "7Server-JBEAP-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" }, "product_reference": "eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-7.0" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Mikhail Egorov" ], "organization": "Odin" } ], "cve": "CVE-2016-6346", "discovery_date": "2016-08-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1372120" } ], "notes": [ { "category": "description", "text": "It was found that GZIPInterceptor is enabled when not necessarily required in RESTEasy. An attacker could use this flaw to launch a Denial of Service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue was fixed in EAP 7.1.0, but was not fixed in 7.0.7\nOn Red Hat Satellite 6.5 this issue is fixed through the candlepin package update (candlepin 2.5.8), which contains a non-vulnerable version of RESTEasy.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6346" }, { "category": "external", "summary": "RHBZ#1372120", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1372120" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6346", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6346" } ], "release_date": "2016-09-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:49:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0005" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7559", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1481665" } ], "notes": [ { "category": "description", "text": "It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7559" }, { "category": "external", "summary": "RHBZ#1481665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7559", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7559" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:49:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0005" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)" }, { "acknowledgments": [ { "names": [ "Jason Shepherd" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-7561", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "discovery_date": "2017-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1483823" } ], "notes": [ { "category": "description", "text": "It was discovered that the CORS Filter did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Vary header not added by CORS filter leading to cache poisoning", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7561" }, { "category": "external", "summary": "RHBZ#1483823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1483823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7561", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" } ], "release_date": "2017-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:49:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0005" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Vary header not added by CORS filter leading to cache poisoning" }, { "acknowledgments": [ { "names": [ "Stuart Douglas" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12165", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2017-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1490301" } ], "notes": [ { "category": "description", "text": "It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: improper whitespace parsing leading to potential HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12165" }, { "category": "external", "summary": "RHBZ#1490301", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12165", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12165" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165" } ], "release_date": "2017-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:49:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0005" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.6, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "undertow: improper whitespace parsing leading to potential HTTP request smuggling" }, { "acknowledgments": [ { "names": [ "Brian Stansberry", "Jeremy Choi" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12167", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2017-09-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1491612" } ], "notes": [ { "category": "description", "text": "It was found that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP-7: Wrong privileges on multiple property files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12167" }, { "category": "external", "summary": "RHBZ#1491612", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491612" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12167", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12167" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12167" } ], "release_date": "2017-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:49:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0005" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "EAP-7: Wrong privileges on multiple property files" }, { "cve": "CVE-2017-12189", "discovery_date": "2017-10-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1499631" } ], "notes": [ { "category": "description", "text": "It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12189" }, { "category": "external", "summary": "RHBZ#1499631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12189", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12189" } ], "release_date": "2018-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:49:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0005" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)" }, { "cve": "CVE-2017-12629", "cwe": { "id": "CWE-138", "name": "Improper Neutralization of Special Elements" }, "discovery_date": "2017-10-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1501529" } ], "notes": [ { "category": "description", "text": "It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code if the server enabled Apache Solr\u0027s Config API.", "title": "Vulnerability description" }, { "category": "summary", "text": "Solr: Code execution via entity expansion", "title": "Vulnerability summary" }, { "category": "other", "text": "The following products are not affected by this flaw, as they do not use the vulnerable functionality of either aspect of the issue.\nRed Hat JBoss Enterprise Application Platform 6\nRed Hat JBoss BPM Suite\nRed Hat JBoss BRMS\nRed Hat Enterprise Virtualization Manager\nRed Hat Single Sign-On 7\nRed Hat JBoss Portal Platform 6\n\nRed Hat JBoss Enterprise Application Platform 7 is not affected by this flaw. However, it does ship the vulnerable Lucene class in a dependency to another component. Customers who reuse the lucene-queryparser jar in their applications may be vulnerable to the External Entity Expansion aspect of this flaw. This will be patched in a forthcoming release.\n\nRed Hat JBoss Fuse is not affected by this flaw, as it does not use the vulnerable functionality of either aspect of this flaw. Fuse customers who may be running external Solr servers, while not affected from the Fuse side, are advised to secure their Solr servers as recommended in the mitigation provided.\n\nThe following products ship only the Lucene components relevant to this flaw, and are not vulnerable to the second portion of the vulnerability, the code execution exploit. As such, the impact of this flaw has been determined to be Moderate for these respective products:\nRed Hat JBoss Data Grid 7 \nRed Hat Enterprise Linux 6\nRed Hat Software Collections 2.4\n\nThis issue did not affect the versions of lucene as shipped with Red Hat Enterprise Linux 5.\n\nThis issue does not affect Elasticsearch as shipped in OpenShift Container Platform.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12629" }, { "category": "external", "summary": "RHBZ#1501529", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501529" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12629", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12629" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629", "url": "https://access.redhat.com/security/vulnerabilities/CVE-2017-12629" } ], "release_date": "2017-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-01-03T10:49:39+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "category": "workaround", "details": "Until fixes are available, all Solr users are advised to restart their Solr instances with the system parameter `-Ddisable.configEdit=true`. This will disallow any changes to be made to configurations via the Config API. This is a key factor in this vulnerability, since it allows GET requests to add the RunExecutableListener to the config.\n\nThis is sufficient to protect from this type of attack, but means you cannot use the edit capabilities of the Config API until further fixes are in place.", "product_ids": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el6.src", "6Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el6.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-0:7.0.9-2.GA_redhat_2.ep7.el7.src", "7Server-JBEAP-7.0:eap7-jboss-ec2-eap-samples-0:7.0.9-2.GA_redhat_2.ep7.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Solr: Code execution via entity expansion" } ] }
ghsa-57q5-x8jf-g7h8
Vulnerability from github
Published
2022-05-13 01:47
Modified
2022-07-01 11:43
Severity ?
Summary
Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP
Details
Red Hat JBoss EAP version 3.0.7.Final until 3.0.25.Final, 3.5.0.CR1, and 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
{ "affected": [ { "database_specific": { "last_known_affected_version_range": "\u003c= 3.0.24.Final" }, "package": { "ecosystem": "Maven", "name": "org.jboss.resteas:resteasy-jaxrs" }, "ranges": [ { "events": [ { "introduced": "3.0.7.Final" }, { "fixed": "3.0.25.Final" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.jboss.resteas:resteasy-jaxrs" }, "ranges": [ { "events": [ { "introduced": "3.1.4.Final" }, { "fixed": "3.5.0.CR1" } ], "type": "ECOSYSTEM" } ], "versions": [ "3.1.4.Final" ] } ], "aliases": [ "CVE-2017-7561" ], "database_specific": { "cwe_ids": [ "CWE-444" ], "github_reviewed": true, "github_reviewed_at": "2022-07-01T11:43:57Z", "nvd_published_at": "2017-09-13T17:29:00Z", "severity": "HIGH" }, "details": "Red Hat JBoss EAP version 3.0.7.Final until 3.0.25.Final, 3.5.0.CR1, and 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.", "id": "GHSA-57q5-x8jf-g7h8", "modified": "2022-07-01T11:43:57Z", "published": "2022-05-13T01:47:01Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7561" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0478" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "type": "WEB", "url": "https://issues.jboss.org/browse/RESTEASY-1704" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ], "summary": "Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP" }
gsd-2017-7561
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2017-7561", "description": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.", "id": "GSD-2017-7561", "references": [ "https://www.suse.com/security/cve/CVE-2017-7561.html", "https://access.redhat.com/errata/RHSA-2018:0481", "https://access.redhat.com/errata/RHSA-2018:0480", "https://access.redhat.com/errata/RHSA-2018:0479", "https://access.redhat.com/errata/RHSA-2018:0478", "https://access.redhat.com/errata/RHSA-2018:0005", "https://access.redhat.com/errata/RHSA-2018:0004", "https://access.redhat.com/errata/RHSA-2018:0003", "https://access.redhat.com/errata/RHSA-2018:0002" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2017-7561" ], "details": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.", "id": "GSD-2017-7561", "modified": "2023-12-13T01:21:07.175367Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "DATE_PUBLIC": "2017-08-22T00:00:00", "ID": "CVE-2017-7561", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "resteasy", "version": { "version_data": [ { "version_value": "3.0.7 through before 4.0.0Beta1" } ] } } ] }, "vendor_name": "Red Hat, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-346" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:0479", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "name": "RHSA-2018:0481", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "name": "100465", "refsource": "BID", "url": "http://www.securityfocus.com/bid/100465" }, { "name": "RHSA-2018:0002", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "name": "RHSA-2018:0004", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "name": "RHSA-2018:0003", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "name": "RHSA-2018:0480", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "name": "RHSA-2018:0005", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "name": "https://issues.jboss.org/browse/RESTEASY-1704", "refsource": "MISC", "url": "https://issues.jboss.org/browse/RESTEASY-1704" }, { "name": "RHSA-2018:0478", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[3.0.7.Final,3.0.24.Final],[3.1.4.Final]", "affected_versions": "All versions starting from 3.0.7.final up to 3.0.24.final, version 3.1.4.final", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "cwe_ids": [ "CWE-1035", "CWE-444", "CWE-937" ], "date": "2022-07-01", "description": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.", "fixed_versions": [ "3.0.25.Final", "3.5.0.CR1" ], "identifier": "CVE-2017-7561", "identifiers": [ "GHSA-57q5-x8jf-g7h8", "CVE-2017-7561" ], "not_impacted": "All versions before 3.0.7.final, all versions after 3.0.24.final before 3.1.4.final, all versions after 3.1.4.final", "package_slug": "maven/org.jboss.resteas/resteasy-jaxrs", "pubdate": "2022-05-13", "solution": "Upgrade to versions 3.0.25.Final, 3.5.0.CR1 or above.", "title": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2017-7561", "https://access.redhat.com/errata/RHSA-2018:0002", "https://access.redhat.com/errata/RHSA-2018:0003", "https://access.redhat.com/errata/RHSA-2018:0004", "https://access.redhat.com/errata/RHSA-2018:0005", "https://access.redhat.com/errata/RHSA-2018:0478", "https://access.redhat.com/errata/RHSA-2018:0479", "https://access.redhat.com/errata/RHSA-2018:0480", "https://access.redhat.com/errata/RHSA-2018:0481", "https://issues.jboss.org/browse/RESTEASY-1704", "https://github.com/advisories/GHSA-57q5-x8jf-g7h8" ], "uuid": "a54089fc-5d19-4516-ba06-51ca07c28243" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:3.2.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2017-7561" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-444" } ] } ] }, "references": { "reference_data": [ { "name": "https://issues.jboss.org/browse/RESTEASY-1704", "refsource": "MISC", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://issues.jboss.org/browse/RESTEASY-1704" }, { "name": "100465", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/100465" }, { "name": "RHSA-2018:0005", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0005" }, { "name": "RHSA-2018:0004", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0004" }, { "name": "RHSA-2018:0003", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0003" }, { "name": "RHSA-2018:0002", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0002" }, { "name": "RHSA-2018:0481", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "name": "RHSA-2018:0480", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "name": "RHSA-2018:0479", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "name": "RHSA-2018:0478", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2018:0478" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2019-10-03T00:03Z", "publishedDate": "2017-09-13T17:29Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.