rhsa-2016_0489
Vulnerability from csaf_redhat
Published
2016-03-22 16:49
Modified
2024-11-22 09:45
Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise 2.2.9 security, bug fix, and enhancement update

Notes

Topic
Red Hat OpenShift Enterprise release 2.2.9, which fixes several security issues, several bugs, and introduces feature enhancements, is now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Details
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. The following security issue is addressed with this release: It was found that ActiveMQ did not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the ActiveMQ application. (CVE-2015-5254) An update for Jenkins Continuous Integration Server that addresses a large number of security issues including XSS, CSRF, information disclosure and code execution have been addressed as well. (CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539, CVE-2015-8103) Space precludes documenting all of the bug fixes in this advisory. See the OpenShift Enterprise Technical Notes, which will be updated shortly for release 2.2.9, for details about these changes: https://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/Technical_Notes/index.html All OpenShift Enterprise 2 users are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Enterprise release 2.2.9, which fixes several \nsecurity issues, several bugs, and introduces feature enhancements, is \nnow available.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenShift Enterprise by Red Hat is the company\u0027s cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or\nprivate cloud deployments.\n\nThe following security issue is addressed with this release:\n\nIt was found that ActiveMQ did not safely handle user supplied data \nwhen deserializing objects. A remote attacker could use this flaw to \nexecute arbitrary code with the permissions of the ActiveMQ \napplication. (CVE-2015-5254)\n\nAn update for Jenkins Continuous Integration Server that addresses a \nlarge number of security issues including XSS, CSRF, information \ndisclosure and code execution have been addressed as well. \n(CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, \nCVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, \nCVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, \nCVE-2015-7539, CVE-2015-8103)\n\nSpace precludes documenting all of the bug fixes in this advisory. See\nthe OpenShift Enterprise Technical Notes, which will be updated\nshortly for release 2.2.9, for details about these changes:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/Technical_Notes/index.html\n\nAll OpenShift Enterprise 2 users are advised to upgrade to these \nupdated packages.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2016:0489",
        "url": "https://access.redhat.com/errata/RHSA-2016:0489"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1111456",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1111456"
      },
      {
        "category": "external",
        "summary": "1140816",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1140816"
      },
      {
        "category": "external",
        "summary": "1160934",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1160934"
      },
      {
        "category": "external",
        "summary": "1168480",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168480"
      },
      {
        "category": "external",
        "summary": "1169690",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169690"
      },
      {
        "category": "external",
        "summary": "1265423",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265423"
      },
      {
        "category": "external",
        "summary": "1265811",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265811"
      },
      {
        "category": "external",
        "summary": "1279584",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1279584"
      },
      {
        "category": "external",
        "summary": "1282359",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282359"
      },
      {
        "category": "external",
        "summary": "1282361",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282361"
      },
      {
        "category": "external",
        "summary": "1282362",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282362"
      },
      {
        "category": "external",
        "summary": "1282363",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282363"
      },
      {
        "category": "external",
        "summary": "1282364",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282364"
      },
      {
        "category": "external",
        "summary": "1282365",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282365"
      },
      {
        "category": "external",
        "summary": "1282366",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282366"
      },
      {
        "category": "external",
        "summary": "1282367",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282367"
      },
      {
        "category": "external",
        "summary": "1282368",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282368"
      },
      {
        "category": "external",
        "summary": "1282369",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282369"
      },
      {
        "category": "external",
        "summary": "1282371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282371"
      },
      {
        "category": "external",
        "summary": "1283372",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283372"
      },
      {
        "category": "external",
        "summary": "1291292",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291292"
      },
      {
        "category": "external",
        "summary": "1291795",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291795"
      },
      {
        "category": "external",
        "summary": "1291797",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291797"
      },
      {
        "category": "external",
        "summary": "1291798",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291798"
      },
      {
        "category": "external",
        "summary": "1294513",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1294513"
      },
      {
        "category": "external",
        "summary": "1299014",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299014"
      },
      {
        "category": "external",
        "summary": "1299095",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1299095"
      },
      {
        "category": "external",
        "summary": "1302787",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302787"
      },
      {
        "category": "external",
        "summary": "1305688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305688"
      },
      {
        "category": "external",
        "summary": "1307174",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1307174"
      },
      {
        "category": "external",
        "summary": "1307175",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1307175"
      },
      {
        "category": "external",
        "summary": "1308716",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308716"
      },
      {
        "category": "external",
        "summary": "1308718",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308718"
      },
      {
        "category": "external",
        "summary": "1308720",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308720"
      },
      {
        "category": "external",
        "summary": "1308722",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308722"
      },
      {
        "category": "external",
        "summary": "1308739",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308739"
      },
      {
        "category": "external",
        "summary": "1310247",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310247"
      },
      {
        "category": "external",
        "summary": "1310266",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310266"
      },
      {
        "category": "external",
        "summary": "1310841",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310841"
      },
      {
        "category": "external",
        "summary": "1314535",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314535"
      },
      {
        "category": "external",
        "summary": "1314546",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314546"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0489.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise 2.2.9 security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T09:45:53+00:00",
      "generator": {
        "date": "2024-11-22T09:45:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2016:0489",
      "initial_release_date": "2016-03-22T16:49:04+00:00",
      "revision_history": [
        {
          "date": "2016-03-22T16:49:04+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2016-03-22T16:49:04+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T09:45:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Enterprise Infrastructure 2.2",
                "product": {
                  "name": "Red Hat OpenShift Enterprise Infrastructure 2.2",
                  "product_id": "6Server-RHOSE-INFRA-2.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:2.0::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Enterprise Node 2.2",
                "product": {
                  "name": "Red Hat OpenShift Enterprise Node 2.2",
                  "product_id": "6Server-RHOSE-NODE-2.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:2.0::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Enterprise Client 2.2",
                "product": {
                  "name": "Red Hat OpenShift Enterprise Client 2.2",
                  "product_id": "6Server-RHOSE-CLIENT-2.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:2.0::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
                "product": {
                  "name": "openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
                  "product_id": "openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-upgrade@2.2.9-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
                "product": {
                  "name": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
                  "product_id": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-php@1.35.3.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
                "product": {
                  "name": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
                  "product_id": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-node-proxy@1.26.2.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
                "product": {
                  "name": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
                  "product_id": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-haproxy@1.31.5.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
                "product": {
                  "name": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
                  "product_id": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-mysql@1.31.2.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
                "product": {
                  "name": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
                  "product_id": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-console@1.35.5.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
                "product": {
                  "name": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
                  "product_id": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-controller@1.38.5.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhc-0:1.38.6.1-1.el6op.src",
                "product": {
                  "name": "rhc-0:1.38.6.1-1.el6op.src",
                  "product_id": "rhc-0:1.38.6.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc@1.38.6.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-0:5.3.3-46.el6_7.1.src",
                "product": {
                  "name": "php-0:5.3.3-46.el6_7.1.src",
                  "product_id": "php-0:5.3.3-46.el6_7.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php@5.3.3-46.el6_7.1?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
                "product": {
                  "name": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
                  "product_id": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-python@1.34.2.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
                "product": {
                  "name": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
                  "product_id": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-broker-util@1.37.5.3-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
                "product": {
                  "name": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
                  "product_id": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-cron@1.25.2.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
                "product": {
                  "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
                  "product_id": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-common@1.29.5.2-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
                "product": {
                  "name": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
                  "product_id": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-msg-node-mcollective@1.30.2.1-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src",
                "product": {
                  "name": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src",
                  "product_id": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-node@1.38.5.3-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
                "product": {
                  "name": "openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
                  "product_id": "openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-node-util@1.38.6.2-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "activemq-0:5.9.0-6.redhat.611454.el6op.src",
                "product": {
                  "name": "activemq-0:5.9.0-6.redhat.611454.el6op.src",
                  "product_id": "activemq-0:5.9.0-6.redhat.611454.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/activemq@5.9.0-6.redhat.611454.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:1.625.3-1.el6op.src",
                "product": {
                  "name": "jenkins-0:1.625.3-1.el6op.src",
                  "product_id": "jenkins-0:1.625.3-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@1.625.3-1.el6op?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
                "product": {
                  "name": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
                  "product_id": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-frontend-apache-vhost@0.13.2.1-1.el6op?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
                "product": {
                  "name": "openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
                  "product_id": "openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-release@2.2.9-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
                "product": {
                  "name": "openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
                  "product_id": "openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-upgrade-node@2.2.9-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
                "product": {
                  "name": "openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
                  "product_id": "openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-yum-validator@2.2.9-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
                "product": {
                  "name": "openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
                  "product_id": "openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-upgrade-broker@2.2.9-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
                  "product_id": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-php@1.35.3.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
                  "product_id": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-node-proxy@1.26.2.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
                  "product_id": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-haproxy@1.31.5.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
                  "product_id": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-mysql@1.31.2.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
                "product": {
                  "name": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
                  "product_id": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-console@1.35.5.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
                "product": {
                  "name": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
                  "product_id": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-controller@1.38.5.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhc-0:1.38.6.1-1.el6op.noarch",
                "product": {
                  "name": "rhc-0:1.38.6.1-1.el6op.noarch",
                  "product_id": "rhc-0:1.38.6.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc@1.38.6.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
                  "product_id": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-python@1.34.2.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
                  "product_id": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-broker-util@1.37.5.3-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
                  "product_id": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-cartridge-cron@1.25.2.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
                "product": {
                  "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
                  "product_id": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-common@1.29.5.2-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
                  "product_id": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-msg-node-mcollective@1.30.2.1-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
                "product": {
                  "name": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
                  "product_id": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-node@1.38.5.3-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
                "product": {
                  "name": "openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
                  "product_id": "openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-origin-node-util@1.38.6.2-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:1.625.3-1.el6op.noarch",
                "product": {
                  "name": "jenkins-0:1.625.3-1.el6op.noarch",
                  "product_id": "jenkins-0:1.625.3-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@1.625.3-1.el6op?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
                "product": {
                  "name": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
                  "product_id": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-frontend-apache-vhost@0.13.2.1-1.el6op?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "php-intl-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-intl-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-intl-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-intl@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-process-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-process-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-process-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-process@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-fpm-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-fpm-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-fpm-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-fpm@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-devel-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-devel-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-devel-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-devel@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-bcmath@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-debuginfo@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-imap-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-imap-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-imap-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-imap@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
                "product": {
                  "name": "php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
                  "product_id": "php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/php-mbstring@5.3.3-46.el6_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
                "product": {
                  "name": "activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
                  "product_id": "activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/activemq-client@5.9.0-6.redhat.611454.el6op?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
                "product": {
                  "name": "activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
                  "product_id": "activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/activemq@5.9.0-6.redhat.611454.el6op?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-0:1.38.6.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Client 2.2",
          "product_id": "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch"
        },
        "product_reference": "rhc-0:1.38.6.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-CLIENT-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-0:1.38.6.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Client 2.2",
          "product_id": "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src"
        },
        "product_reference": "rhc-0:1.38.6.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-CLIENT-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "activemq-0:5.9.0-6.redhat.611454.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src"
        },
        "product_reference": "activemq-0:5.9.0-6.redhat.611454.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "activemq-0:5.9.0-6.redhat.611454.el6op.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64"
        },
        "product_reference": "activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64"
        },
        "product_reference": "activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-release-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-upgrade-0:2.2.9-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src"
        },
        "product_reference": "openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src"
        },
        "product_reference": "openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch"
        },
        "product_reference": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src"
        },
        "product_reference": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch"
        },
        "product_reference": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src"
        },
        "product_reference": "rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch"
        },
        "product_reference": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure 2.2",
          "product_id": "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src"
        },
        "product_reference": "rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-INFRA-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "activemq-0:5.9.0-6.redhat.611454.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src"
        },
        "product_reference": "activemq-0:5.9.0-6.redhat.611454.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "activemq-0:5.9.0-6.redhat.611454.el6op.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64"
        },
        "product_reference": "activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64"
        },
        "product_reference": "activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:1.625.3-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch"
        },
        "product_reference": "jenkins-0:1.625.3-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:1.625.3-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src"
        },
        "product_reference": "jenkins-0:1.625.3-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-release-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-upgrade-0:2.2.9-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src"
        },
        "product_reference": "openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch"
        },
        "product_reference": "openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src"
        },
        "product_reference": "openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src"
        },
        "product_reference": "openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src"
        },
        "product_reference": "openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src"
        },
        "product_reference": "openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src"
        },
        "product_reference": "openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src"
        },
        "product_reference": "openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src"
        },
        "product_reference": "openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch"
        },
        "product_reference": "openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-origin-node-util-0:1.38.6.2-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src"
        },
        "product_reference": "openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-0:5.3.3-46.el6_7.1.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src"
        },
        "product_reference": "php-0:5.3.3-46.el6_7.1.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-bcmath-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-debuginfo-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-devel-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-devel-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-fpm-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-fpm-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-imap-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-imap-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-intl-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-intl-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-mbstring-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "php-process-0:5.3.3-46.el6_7.1.x86_64 as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64"
        },
        "product_reference": "php-process-0:5.3.3-46.el6_7.1.x86_64",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch"
        },
        "product_reference": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src"
        },
        "product_reference": "rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch"
        },
        "product_reference": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src"
        },
        "product_reference": "rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch"
        },
        "product_reference": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src as a component of Red Hat OpenShift Enterprise Node 2.2",
          "product_id": "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        },
        "product_reference": "rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src",
        "relates_to_product_reference": "6Server-RHOSE-NODE-2.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-5254",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2015-12-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1291292"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ObjectMessage: unsafe deserialization",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A malicious message producer needs to authenticate to EAP in order to send messages. Also, the use of JMS ObjectMessage needs to be chosen by the developer of the application. Therefore this issue is rated as moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5254"
        },
        {
          "category": "external",
          "summary": "RHBZ#1291292",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291292"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5254",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5254"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5254",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5254"
        },
        {
          "category": "external",
          "summary": "http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt",
          "url": "http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt"
        }
      ],
      "release_date": "2015-12-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        },
        {
          "category": "workaround",
          "details": "If you do deploy a JMS publisher, and subscriber, and don\u0027t trust the messages sent to you by your clients, you could mitigate this issue by installing a Java agent which restricts the classes which can be deserialized. This is an article with the recommended approach:\n\nhttps://access.redhat.com/solutions/2190911\n\nYou could also mitigate this issue using the features of the Java Virtual Machine added in JEP 290:\n\nhttp://openjdk.java.net/jeps/290",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ObjectMessage: unsafe deserialization"
    },
    {
      "cve": "CVE-2015-5317",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282359"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Project name disclosure via fingerprints (SECURITY-153)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5317"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282359",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282359"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5317",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5317"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5317",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5317"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2023-05-12T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: Project name disclosure via fingerprints (SECURITY-153)"
    },
    {
      "cve": "CVE-2015-5318",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282361"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF protection mechanism via a brute force attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Public value used for CSRF protection salt (SECURITY-169)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5318"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282361",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282361"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5318",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5318"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5318",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5318"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Public value used for CSRF protection salt (SECURITY-169)"
    },
    {
      "cve": "CVE-2015-5319",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282362"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an \"XML-aware tool,\" as demonstrated by get-job and update-job.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: XXE injection into job configurations via CLI (SECURITY-173)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5319"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282362",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282362"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5319",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5319"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5319",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5319"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: XXE injection into job configurations via CLI (SECURITY-173)"
    },
    {
      "cve": "CVE-2015-5320",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282363"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Secret key not verified when connecting a slave (SECURITY-184)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5320"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282363",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282363"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5320",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5320"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5320",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5320"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins: Secret key not verified when connecting a slave (SECURITY-184)"
    },
    {
      "cve": "CVE-2015-5321",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282364"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Information disclosure via sidepanel (SECURITY-192)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5321"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282364",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282364"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5321",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5321"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5321",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5321"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Information disclosure via sidepanel (SECURITY-192)"
    },
    {
      "cve": "CVE-2015-5322",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282365"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to list directory contents and read arbitrary files in the Jenkins servlet resources via directory traversal sequences in a request to jnlpJars/.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Local file inclusion vulnerability (SECURITY-195)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5322"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282365",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282365"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5322",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5322"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5322",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5322"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: Local file inclusion vulnerability (SECURITY-195)"
    },
    {
      "cve": "CVE-2015-5323",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282366"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: API tokens of other users available to admins (SECURITY-200)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5323"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282366",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282366"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5323",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5323"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5323",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5323"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: API tokens of other users available to admins (SECURITY-200)"
    },
    {
      "cve": "CVE-2015-5324",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282367"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Queue API did show items not visible to the current user (SECURITY-186)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5324"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282367",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282367"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5324",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5324"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5324",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5324"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Queue API did show items not visible to the current user (SECURITY-186)"
    },
    {
      "cve": "CVE-2015-5325",
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282368"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master access restrictions by leveraging a JNLP slave. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3665.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: JNLP slaves not subject to slave-to-master access control (SECURITY-206)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5325"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282368",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282368"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5325",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5325"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5325",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5325"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: JNLP slaves not subject to slave-to-master access control (SECURITY-206)"
    },
    {
      "cve": "CVE-2015-5326",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282369"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS before 1.625.2 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the slave offline status message.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Stored XSS vulnerability in slave offline status message (SECURITY-214)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5326"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282369",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282369"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5326",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5326"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5326",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5326"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: Stored XSS vulnerability in slave offline status message (SECURITY-214)"
    },
    {
      "cve": "CVE-2015-7537",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2015-12-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1291795"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: CSRF vulnerability in some administrative actions (SECURITY-225)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-7537"
        },
        {
          "category": "external",
          "summary": "RHBZ#1291795",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291795"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-7537",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-7537"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7537",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7537"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09"
        }
      ],
      "release_date": "2015-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: CSRF vulnerability in some administrative actions (SECURITY-225)"
    },
    {
      "cve": "CVE-2015-7538",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2015-12-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1291797"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: CSRF protection ineffective (SECURITY-233)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-7538"
        },
        {
          "category": "external",
          "summary": "RHBZ#1291797",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291797"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-7538",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-7538"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7538",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7538"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09"
        }
      ],
      "release_date": "2015-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: CSRF protection ineffective (SECURITY-233)"
    },
    {
      "cve": "CVE-2015-7539",
      "discovery_date": "2015-12-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1291798"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Jenkins plugin manager vulnerable to MITM attacks (SECURITY-234)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-7539"
        },
        {
          "category": "external",
          "summary": "RHBZ#1291798",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291798"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-7539",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-7539"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7539",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7539"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09"
        }
      ],
      "release_date": "2015-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Jenkins plugin manager vulnerable to MITM attacks (SECURITY-234)"
    },
    {
      "cve": "CVE-2015-8103",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2015-11-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1282371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the \"Groovy variant in \u0027ysoserial\u0027\".",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Remote code execution vulnerability due to unsafe deserialization in Jenkins remoting (SECURITY-218)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
          "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
          "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
          "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
          "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
          "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-8103"
        },
        {
          "category": "external",
          "summary": "RHBZ#1282371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-8103",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-8103"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8103",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8103"
        },
        {
          "category": "external",
          "summary": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11",
          "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
        }
      ],
      "release_date": "2015-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2016-03-22T16:49:04+00:00",
          "details": "Before applying this update, make sure all previously released \nerrata relevant to your system have been applied.\n\nSee the OpenShift Enterprise 2.2 Release Notes, which will be \nupdated shortly for release 2.2.9, for important instructions on how \nto fully apply this asynchronous errata update:\n\nhttps://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/2.2_Release_Notes/index.html#chap-Asynchronous_Errata_Updates\n\nThis update is available via the Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at: \nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2016:0489"
        },
        {
          "category": "workaround",
          "details": "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli",
          "product_ids": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.noarch",
            "6Server-RHOSE-CLIENT-2.2:rhc-0:1.38.6.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-INFRA-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:openshift-origin-broker-util-0:1.37.5.3-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-console-0:1.35.5.1-1.el6op.src",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.noarch",
            "6Server-RHOSE-INFRA-2.2:rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.src",
            "6Server-RHOSE-NODE-2.2:activemq-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:activemq-client-0:5.9.0-6.redhat.611454.el6op.x86_64",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:jenkins-0:1.625.3-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-release-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-0:2.2.9-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-broker-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-upgrade-node-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-enterprise-yum-validator-0:2.2.9-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-php-0:1.35.3.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-cartridge-python-0:1.34.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-proxy-0:1.26.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:openshift-origin-node-util-0:1.38.6.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:php-0:5.3.3-46.el6_7.1.src",
            "6Server-RHOSE-NODE-2.2:php-bcmath-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-debuginfo-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-devel-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-fpm-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-imap-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-intl-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-mbstring-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:php-process-0:5.3.3-46.el6_7.1.x86_64",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-common-0:1.29.5.2-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op.src",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.noarch",
            "6Server-RHOSE-NODE-2.2:rubygem-openshift-origin-node-0:1.38.5.3-1.el6op.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins: Remote code execution vulnerability due to unsafe deserialization in Jenkins remoting (SECURITY-218)"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.