Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-1954 (GCVE-0-2020-1954)
Vulnerability from cvelistv5
Published
2020-04-01 20:07
Modified
2024-08-04 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache | Apache CXF |
Version: affects all versions prior to 3.3.6 and 3.2.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache CXF",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "affects all versions prior to 3.3.6 and 3.2.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-10T09:06:50",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-1954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache CXF",
"version": {
"version_data": [
{
"version_value": "affects all versions prior to 3.3.6 and 3.2.13"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2",
"refsource": "MISC",
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220210-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2020-1954",
"datePublished": "2020-04-01T20:07:29",
"dateReserved": "2019-12-02T00:00:00",
"dateUpdated": "2024-08-04T06:54:00.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-1954\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2020-04-01T21:15:14.597\",\"lastModified\":\"2024-11-21T05:11:43.723\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.\"},{\"lang\":\"es\",\"value\":\"Apache CXF posee la capacidad de integrarse con JMX mediante el registro de una extensi\u00f3n InstrumentationManager con el bus CXF. Si la propiedad \\\"createMBServerConnectorFactory\\\" del InstrumentationManagerImpl predeterminado no est\u00e1 deshabilitada, entonces es vulnerable a un ataque de estilo man-in-the-middle (MITM). Un atacante en el mismo host puede conectar con el registro y volver a vincular la entrada a otro servidor, y as\u00ed actuar como un proxy del original. Pueden luego obtener acceso a toda la informaci\u00f3n que es enviada y recibida a trav\u00e9s de JMX.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":2.9,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":5.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.13\",\"matchCriteriaId\":\"DFD0BC46-24B2-493D-8FF3-BF4D49A5F215\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3.0\",\"versionEndExcluding\":\"3.3.6\",\"matchCriteriaId\":\"18E7E391-B755-4F71-934A-B16CA8351D78\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"526E2FE5-263F-416F-8628-6CD40B865780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"B51F78F4-8D7E-48C2-86D1-D53A6EB348A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"3E5416A1-EE58-415D-9645-B6A875EBAED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66916DEB-ACE1-44E0-9535-10B3E03347AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\",\"matchCriteriaId\":\"64DE38C8-94F1-4860-B045-F33928F676A8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\\\::*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"FAFED7F5-03FA-43B5-AD13-1130F0324448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"B51F78F4-8D7E-48C2-86D1-D53A6EB348A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"3E5416A1-EE58-415D-9645-B6A875EBAED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.2.0\",\"versionEndIncluding\":\"8.2.2\",\"matchCriteriaId\":\"11B0C37E-D7C7-45F2-A8D8-5A3B1B191430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66916DEB-ACE1-44E0-9535-10B3E03347AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"}]}]}],\"references\":[{\"url\":\"http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220210-0001/\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220210-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
rhsa-2020:4247
Vulnerability from csaf_redhat
Published
2020-10-13 17:01
Modified
2025-08-04 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)
* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)
* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)\n\n* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)\n\n* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4247",
"url": "https://access.redhat.com/errata/RHSA-2020:4247"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "JBEAP-19379",
"url": "https://issues.redhat.com/browse/JBEAP-19379"
},
{
"category": "external",
"summary": "JBEAP-19596",
"url": "https://issues.redhat.com/browse/JBEAP-19596"
},
{
"category": "external",
"summary": "JBEAP-19613",
"url": "https://issues.redhat.com/browse/JBEAP-19613"
},
{
"category": "external",
"summary": "JBEAP-19615",
"url": "https://issues.redhat.com/browse/JBEAP-19615"
},
{
"category": "external",
"summary": "JBEAP-19642",
"url": "https://issues.redhat.com/browse/JBEAP-19642"
},
{
"category": "external",
"summary": "JBEAP-19695",
"url": "https://issues.redhat.com/browse/JBEAP-19695"
},
{
"category": "external",
"summary": "JBEAP-19698",
"url": "https://issues.redhat.com/browse/JBEAP-19698"
},
{
"category": "external",
"summary": "JBEAP-19700",
"url": "https://issues.redhat.com/browse/JBEAP-19700"
},
{
"category": "external",
"summary": "JBEAP-19701",
"url": "https://issues.redhat.com/browse/JBEAP-19701"
},
{
"category": "external",
"summary": "JBEAP-19715",
"url": "https://issues.redhat.com/browse/JBEAP-19715"
},
{
"category": "external",
"summary": "JBEAP-19746",
"url": "https://issues.redhat.com/browse/JBEAP-19746"
},
{
"category": "external",
"summary": "JBEAP-19789",
"url": "https://issues.redhat.com/browse/JBEAP-19789"
},
{
"category": "external",
"summary": "JBEAP-19791",
"url": "https://issues.redhat.com/browse/JBEAP-19791"
},
{
"category": "external",
"summary": "JBEAP-19795",
"url": "https://issues.redhat.com/browse/JBEAP-19795"
},
{
"category": "external",
"summary": "JBEAP-19796",
"url": "https://issues.redhat.com/browse/JBEAP-19796"
},
{
"category": "external",
"summary": "JBEAP-19822",
"url": "https://issues.redhat.com/browse/JBEAP-19822"
},
{
"category": "external",
"summary": "JBEAP-19888",
"url": "https://issues.redhat.com/browse/JBEAP-19888"
},
{
"category": "external",
"summary": "JBEAP-19934",
"url": "https://issues.redhat.com/browse/JBEAP-19934"
},
{
"category": "external",
"summary": "JBEAP-19935",
"url": "https://issues.redhat.com/browse/JBEAP-19935"
},
{
"category": "external",
"summary": "JBEAP-19936",
"url": "https://issues.redhat.com/browse/JBEAP-19936"
},
{
"category": "external",
"summary": "JBEAP-19937",
"url": "https://issues.redhat.com/browse/JBEAP-19937"
},
{
"category": "external",
"summary": "JBEAP-19938",
"url": "https://issues.redhat.com/browse/JBEAP-19938"
},
{
"category": "external",
"summary": "JBEAP-19939",
"url": "https://issues.redhat.com/browse/JBEAP-19939"
},
{
"category": "external",
"summary": "JBEAP-19940",
"url": "https://issues.redhat.com/browse/JBEAP-19940"
},
{
"category": "external",
"summary": "JBEAP-19942",
"url": "https://issues.redhat.com/browse/JBEAP-19942"
},
{
"category": "external",
"summary": "JBEAP-19955",
"url": "https://issues.redhat.com/browse/JBEAP-19955"
},
{
"category": "external",
"summary": "JBEAP-19965",
"url": "https://issues.redhat.com/browse/JBEAP-19965"
},
{
"category": "external",
"summary": "JBEAP-20027",
"url": "https://issues.redhat.com/browse/JBEAP-20027"
},
{
"category": "external",
"summary": "JBEAP-20037",
"url": "https://issues.redhat.com/browse/JBEAP-20037"
},
{
"category": "external",
"summary": "JBEAP-20064",
"url": "https://issues.redhat.com/browse/JBEAP-20064"
},
{
"category": "external",
"summary": "JBEAP-20087",
"url": "https://issues.redhat.com/browse/JBEAP-20087"
},
{
"category": "external",
"summary": "JBEAP-20112",
"url": "https://issues.redhat.com/browse/JBEAP-20112"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4247.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update",
"tracking": {
"current_release_date": "2025-08-04T12:02:27+00:00",
"generator": {
"date": "2025-08-04T12:02:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:4247",
"initial_release_date": "2020-10-13T17:01:16+00:00",
"revision_history": [
{
"date": "2020-10-13T17:01:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-13T17:01:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:02:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP 7.3.3",
"product": {
"name": "EAP 7.3.3",
"product_id": "EAP 7.3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T17:01:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"EAP 7.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"EAP 7.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14299",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2020-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848533"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14299"
},
{
"category": "external",
"summary": "RHBZ#1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14299",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299"
}
],
"release_date": "2020-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T17:01:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"EAP 7.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass"
},
{
"cve": "CVE-2020-14338",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the \"use-grammar-pool-only\" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14338"
},
{
"category": "external",
"summary": "RHBZ#1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14338",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338"
}
],
"release_date": "2020-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T17:01:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"EAP 7.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"EAP 7.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl"
},
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860218"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.3.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14340"
},
{
"category": "external",
"summary": "RHBZ#1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14340",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340"
}
],
"release_date": "2020-07-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T17:01:16+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"EAP 7.3.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4247"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.3.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS"
}
]
}
rhsa-2020:4931
Vulnerability from csaf_redhat
Published
2020-11-04 19:24
Modified
2025-08-07 12:36
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.4.3 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.3 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)
* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)
* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)
* keycloak: user can manage resources with just "view-profile" role using new Account Console (CVE-2020-14389)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
* keycloak: OIDC redirect_uri allows dangerous schemes resulting in potential XSS (CVE-2020-10776)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.3 serves as a replacement for Red Hat Single Sign-On 7.4.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)\n\n* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)\n\n* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)\n\n* keycloak: user can manage resources with just \"view-profile\" role using new Account Console (CVE-2020-14389)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\n* keycloak: OIDC redirect_uri allows dangerous schemes resulting in potential XSS (CVE-2020-10776)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4931",
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1847428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847428"
},
{
"category": "external",
"summary": "1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "1875843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875843"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4931.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.4.3 security update",
"tracking": {
"current_release_date": "2025-08-07T12:36:31+00:00",
"generator": {
"date": "2025-08-07T12:36:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:4931",
"initial_release_date": "2020-11-04T19:24:13+00:00",
"revision_history": [
{
"date": "2020-11-04T19:24:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T19:24:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-07T12:36:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.4.3",
"product": {
"name": "Red Hat Single Sign-On 7.4.3",
"product_id": "Red Hat Single Sign-On 7.4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T19:24:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"acknowledgments": [
{
"names": [
"Lauritz Holtmann"
],
"organization": "Chair for Network and Data Security at Ruhr University Bochum"
}
],
"cve": "CVE-2020-10776",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1847428"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it is possible to add unsafe schemes for the redirect_uri parameter. This flaw allows an attacker to perform a Cross-site scripting attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: OIDC redirect_uri allows dangerous schemes resulting in potential XSS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10776"
},
{
"category": "external",
"summary": "RHBZ#1847428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10776"
}
],
"release_date": "2020-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T19:24:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
},
{
"category": "workaround",
"details": "Trusted Hosts Policy could be used to mitigate this attack : \nhttps://www.keycloak.org/docs/latest/securing_apps/index.html#client-registration-policies",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: OIDC redirect_uri allows dangerous schemes resulting in potential XSS"
},
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14299",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2020-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848533"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14299"
},
{
"category": "external",
"summary": "RHBZ#1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14299",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299"
}
],
"release_date": "2020-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T19:24:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass"
},
{
"cve": "CVE-2020-14338",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the \"use-grammar-pool-only\" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14338"
},
{
"category": "external",
"summary": "RHBZ#1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14338",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338"
}
],
"release_date": "2020-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T19:24:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl"
},
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860218"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14340"
},
{
"category": "external",
"summary": "RHBZ#1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14340",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340"
}
],
"release_date": "2020-07-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T19:24:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS"
},
{
"acknowledgments": [
{
"names": [
"Dirk van Veen"
],
"organization": "The S-Unit"
}
],
"cve": "CVE-2020-14366",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2020-08-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1869764"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in keycloak. A path traversal, using URL-encoded path segments in a request, is possible due to transformation of the URL path to a file path at the resource endpoint. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: path traversal in resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14366"
},
{
"category": "external",
"summary": "RHBZ#1869764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14366"
}
],
"release_date": "2020-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T19:24:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: path traversal in resources"
},
{
"acknowledgments": [
{
"names": [
"V\u00e1clav Muzik\u00e1\u0159"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14389",
"cwe": {
"id": "CWE-916",
"name": "Use of Password Hash With Insufficient Computational Effort"
},
"discovery_date": "2020-08-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1875843"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: user can manage resources with just \"view-profile\" role using new Account Console",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14389"
},
{
"category": "external",
"summary": "RHBZ#1875843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875843"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14389",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14389"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14389",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14389"
}
],
"release_date": "2020-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T19:24:13+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4931"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: user can manage resources with just \"view-profile\" role using new Account Console"
}
]
}
rhsa-2020:4961
Vulnerability from csaf_redhat
Published
2020-11-05 18:48
Modified
2025-08-07 11:17
Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.9.0 security update
Notes
Topic
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This release of Red Hat Process Automation Manager 7.9.0 serves as an update to Red Hat Process Automation Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* batik: SSRF via "xlink:href" (CVE-2019-17566)
* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* ant: insecure temporary file vulnerability (CVE-2020-1945)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2875)
* mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS (CVE-2020-2933)
* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.9.0 serves as an update to Red Hat Process Automation Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* batik: SSRF via \"xlink:href\" (CVE-2019-17566)\n\n* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* ant: insecure temporary file vulnerability (CVE-2020-1945)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\n* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2875)\n\n* mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS (CVE-2020-2933)\n\n* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2934)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4961",
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.9.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.9.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.9/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.9/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1837444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444"
},
{
"category": "external",
"summary": "1848617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848617"
},
{
"category": "external",
"summary": "1851014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014"
},
{
"category": "external",
"summary": "1851019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019"
},
{
"category": "external",
"summary": "1851022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4961.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.9.0 security update",
"tracking": {
"current_release_date": "2025-08-07T11:17:10+00:00",
"generator": {
"date": "2025-08-07T11:17:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:4961",
"initial_release_date": "2020-11-05T18:48:33+00:00",
"revision_history": [
{
"date": "2020-11-05T18:48:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-05T18:48:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-07T11:17:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHPAM 7.9.0",
"product": {
"name": "RHPAM 7.9.0",
"product_id": "RHPAM 7.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2019-17566",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2020-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848617"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Batik library, where it is vulnerable to a Server-Side Request Forgery attack (SSRF) via \"xlink:href\" attributes. This flaw allows an attacker to cause the underlying server to make arbitrary GET requests. The highest threat from this vulnerability is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: SSRF via \"xlink:href\"",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17566"
},
{
"category": "external",
"summary": "RHBZ#1848617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17566",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17566"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: SSRF via \"xlink:href\""
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-1945",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2020-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1837444"
}
],
"notes": [
{
"category": "description",
"text": "Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ant: insecure temporary file vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of ant package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1945"
},
{
"category": "external",
"summary": "RHBZ#1837444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945"
}
],
"release_date": "2020-05-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "For versions 1.1 to 1.9.14 and 1.10.0 to 1.10.7, set the java.io.tmpdir system property to a private directory-- only readable and writable by the current user-- before running Ant.\n\nFor versions 1.9.15 and 1.10.8, use the Ant property ant.tmpfile instead. Ant 1.10.8 protects the temporary files if the underlying filesystem allows it, but using a private temporary directory is still recommended.",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ant: insecure temporary file vulnerability"
},
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"cve": "CVE-2020-2875",
"discovery_date": "2020-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands in MySQL Connectors and other products.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n~~~\nyum-config-manager --enable rhel-server-rhscl-7-rpms\nyum install rh-mariadb103-mariadb-java-client\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2875"
},
{
"category": "external",
"summary": "RHBZ#1851019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete"
},
{
"cve": "CVE-2020-2933",
"discovery_date": "2020-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection, causing a denial of service of the MySQL Connectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n~~~\nyum-config-manager --enable rhel-server-rhscl-7-rpms\nyum install rh-mariadb103-mariadb-java-client\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2933"
},
{
"category": "external",
"summary": "RHBZ#1851022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2933",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2933"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS"
},
{
"cve": "CVE-2020-2934",
"discovery_date": "2020-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n~~~\n # yum-config-manager --enable rhel-server-rhscl-7-rpms\n\n # yum install rh-mariadb103-mariadb-java-client\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2934"
},
{
"category": "external",
"summary": "RHBZ#1851014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:48:33+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
}
]
}
rhsa-2020:4245
Vulnerability from csaf_redhat
Published
2020-10-13 16:50
Modified
2025-08-04 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 8
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)
* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)
* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)\n\n* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)\n\n* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4245",
"url": "https://access.redhat.com/errata/RHSA-2020:4245"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "JBEAP-19379",
"url": "https://issues.redhat.com/browse/JBEAP-19379"
},
{
"category": "external",
"summary": "JBEAP-19444",
"url": "https://issues.redhat.com/browse/JBEAP-19444"
},
{
"category": "external",
"summary": "JBEAP-19596",
"url": "https://issues.redhat.com/browse/JBEAP-19596"
},
{
"category": "external",
"summary": "JBEAP-19613",
"url": "https://issues.redhat.com/browse/JBEAP-19613"
},
{
"category": "external",
"summary": "JBEAP-19615",
"url": "https://issues.redhat.com/browse/JBEAP-19615"
},
{
"category": "external",
"summary": "JBEAP-19642",
"url": "https://issues.redhat.com/browse/JBEAP-19642"
},
{
"category": "external",
"summary": "JBEAP-19695",
"url": "https://issues.redhat.com/browse/JBEAP-19695"
},
{
"category": "external",
"summary": "JBEAP-19698",
"url": "https://issues.redhat.com/browse/JBEAP-19698"
},
{
"category": "external",
"summary": "JBEAP-19700",
"url": "https://issues.redhat.com/browse/JBEAP-19700"
},
{
"category": "external",
"summary": "JBEAP-19701",
"url": "https://issues.redhat.com/browse/JBEAP-19701"
},
{
"category": "external",
"summary": "JBEAP-19715",
"url": "https://issues.redhat.com/browse/JBEAP-19715"
},
{
"category": "external",
"summary": "JBEAP-19746",
"url": "https://issues.redhat.com/browse/JBEAP-19746"
},
{
"category": "external",
"summary": "JBEAP-19789",
"url": "https://issues.redhat.com/browse/JBEAP-19789"
},
{
"category": "external",
"summary": "JBEAP-19791",
"url": "https://issues.redhat.com/browse/JBEAP-19791"
},
{
"category": "external",
"summary": "JBEAP-19795",
"url": "https://issues.redhat.com/browse/JBEAP-19795"
},
{
"category": "external",
"summary": "JBEAP-19796",
"url": "https://issues.redhat.com/browse/JBEAP-19796"
},
{
"category": "external",
"summary": "JBEAP-19822",
"url": "https://issues.redhat.com/browse/JBEAP-19822"
},
{
"category": "external",
"summary": "JBEAP-19888",
"url": "https://issues.redhat.com/browse/JBEAP-19888"
},
{
"category": "external",
"summary": "JBEAP-19934",
"url": "https://issues.redhat.com/browse/JBEAP-19934"
},
{
"category": "external",
"summary": "JBEAP-19935",
"url": "https://issues.redhat.com/browse/JBEAP-19935"
},
{
"category": "external",
"summary": "JBEAP-19936",
"url": "https://issues.redhat.com/browse/JBEAP-19936"
},
{
"category": "external",
"summary": "JBEAP-19937",
"url": "https://issues.redhat.com/browse/JBEAP-19937"
},
{
"category": "external",
"summary": "JBEAP-19938",
"url": "https://issues.redhat.com/browse/JBEAP-19938"
},
{
"category": "external",
"summary": "JBEAP-19939",
"url": "https://issues.redhat.com/browse/JBEAP-19939"
},
{
"category": "external",
"summary": "JBEAP-19940",
"url": "https://issues.redhat.com/browse/JBEAP-19940"
},
{
"category": "external",
"summary": "JBEAP-19942",
"url": "https://issues.redhat.com/browse/JBEAP-19942"
},
{
"category": "external",
"summary": "JBEAP-19955",
"url": "https://issues.redhat.com/browse/JBEAP-19955"
},
{
"category": "external",
"summary": "JBEAP-19965",
"url": "https://issues.redhat.com/browse/JBEAP-19965"
},
{
"category": "external",
"summary": "JBEAP-20027",
"url": "https://issues.redhat.com/browse/JBEAP-20027"
},
{
"category": "external",
"summary": "JBEAP-20037",
"url": "https://issues.redhat.com/browse/JBEAP-20037"
},
{
"category": "external",
"summary": "JBEAP-20064",
"url": "https://issues.redhat.com/browse/JBEAP-20064"
},
{
"category": "external",
"summary": "JBEAP-20087",
"url": "https://issues.redhat.com/browse/JBEAP-20087"
},
{
"category": "external",
"summary": "JBEAP-20112",
"url": "https://issues.redhat.com/browse/JBEAP-20112"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4245.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 8",
"tracking": {
"current_release_date": "2025-08-04T12:02:34+00:00",
"generator": {
"date": "2025-08-04T12:02:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:4245",
"initial_release_date": "2020-10-13T16:50:02+00:00",
"revision_history": [
{
"date": "2020-10-13T16:50:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-13T16:50:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:02:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product": {
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-25.SP12_redhat_00013.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-25.SP12_redhat_00013.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-8.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox-infinispan@5.0.3-8.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.8-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.8-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-5.redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-2.SP03_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.3.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.3.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.3.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-invocation@1.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-codec@1.14.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP12_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-client@4.5.12-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-core@4.4.13-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.26.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity@2.2.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity-engine-core@2.2.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.13-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ws-commons-XmlSchema@2.2.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.65.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.65.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.65.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.65.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-1.redhat_00001.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.1.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.31-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.10.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.3-4.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.3-4.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.3-4.GA_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-2.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-25.SP12_redhat_00013.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"product": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"product_id": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-8.Final_redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.9-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.8-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-5.redhat_00011.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src",
"product_id": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-2.SP03_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.7-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-invocation@1.5.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-codec@1.14.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP12_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.18-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-client@4.5.12-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-core@4.4.13-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.7-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.26.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity@2.2.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.13-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ws-commons-XmlSchema@2.2.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.65.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-1.redhat_00001.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.17-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.1.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.9-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.31-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.10.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.3-4.GA_redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-3.redhat_1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-2.Final_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-3.redhat_1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-3.redhat_1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src"
},
"product_reference": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4245"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14299",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2020-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848533"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14299"
},
{
"category": "external",
"summary": "RHBZ#1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14299",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299"
}
],
"release_date": "2020-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4245"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass"
},
{
"cve": "CVE-2020-14338",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the \"use-grammar-pool-only\" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14338"
},
{
"category": "external",
"summary": "RHBZ#1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14338",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338"
}
],
"release_date": "2020-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4245"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl"
},
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860218"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14340"
},
{
"category": "external",
"summary": "RHBZ#1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14340",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340"
}
],
"release_date": "2020-07-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:02+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4245"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.src",
"8Base-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el8eap.x86_64",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS"
}
]
}
rhsa-2020:4246
Vulnerability from csaf_redhat
Published
2020-10-13 16:50
Modified
2025-08-04 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 7
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)
* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)
* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)\n\n* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)\n\n* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4246",
"url": "https://access.redhat.com/errata/RHSA-2020:4246"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "JBEAP-19379",
"url": "https://issues.redhat.com/browse/JBEAP-19379"
},
{
"category": "external",
"summary": "JBEAP-19442",
"url": "https://issues.redhat.com/browse/JBEAP-19442"
},
{
"category": "external",
"summary": "JBEAP-19443",
"url": "https://issues.redhat.com/browse/JBEAP-19443"
},
{
"category": "external",
"summary": "JBEAP-19596",
"url": "https://issues.redhat.com/browse/JBEAP-19596"
},
{
"category": "external",
"summary": "JBEAP-19613",
"url": "https://issues.redhat.com/browse/JBEAP-19613"
},
{
"category": "external",
"summary": "JBEAP-19615",
"url": "https://issues.redhat.com/browse/JBEAP-19615"
},
{
"category": "external",
"summary": "JBEAP-19642",
"url": "https://issues.redhat.com/browse/JBEAP-19642"
},
{
"category": "external",
"summary": "JBEAP-19695",
"url": "https://issues.redhat.com/browse/JBEAP-19695"
},
{
"category": "external",
"summary": "JBEAP-19698",
"url": "https://issues.redhat.com/browse/JBEAP-19698"
},
{
"category": "external",
"summary": "JBEAP-19700",
"url": "https://issues.redhat.com/browse/JBEAP-19700"
},
{
"category": "external",
"summary": "JBEAP-19701",
"url": "https://issues.redhat.com/browse/JBEAP-19701"
},
{
"category": "external",
"summary": "JBEAP-19715",
"url": "https://issues.redhat.com/browse/JBEAP-19715"
},
{
"category": "external",
"summary": "JBEAP-19746",
"url": "https://issues.redhat.com/browse/JBEAP-19746"
},
{
"category": "external",
"summary": "JBEAP-19789",
"url": "https://issues.redhat.com/browse/JBEAP-19789"
},
{
"category": "external",
"summary": "JBEAP-19791",
"url": "https://issues.redhat.com/browse/JBEAP-19791"
},
{
"category": "external",
"summary": "JBEAP-19795",
"url": "https://issues.redhat.com/browse/JBEAP-19795"
},
{
"category": "external",
"summary": "JBEAP-19796",
"url": "https://issues.redhat.com/browse/JBEAP-19796"
},
{
"category": "external",
"summary": "JBEAP-19822",
"url": "https://issues.redhat.com/browse/JBEAP-19822"
},
{
"category": "external",
"summary": "JBEAP-19888",
"url": "https://issues.redhat.com/browse/JBEAP-19888"
},
{
"category": "external",
"summary": "JBEAP-19934",
"url": "https://issues.redhat.com/browse/JBEAP-19934"
},
{
"category": "external",
"summary": "JBEAP-19935",
"url": "https://issues.redhat.com/browse/JBEAP-19935"
},
{
"category": "external",
"summary": "JBEAP-19936",
"url": "https://issues.redhat.com/browse/JBEAP-19936"
},
{
"category": "external",
"summary": "JBEAP-19937",
"url": "https://issues.redhat.com/browse/JBEAP-19937"
},
{
"category": "external",
"summary": "JBEAP-19938",
"url": "https://issues.redhat.com/browse/JBEAP-19938"
},
{
"category": "external",
"summary": "JBEAP-19939",
"url": "https://issues.redhat.com/browse/JBEAP-19939"
},
{
"category": "external",
"summary": "JBEAP-19940",
"url": "https://issues.redhat.com/browse/JBEAP-19940"
},
{
"category": "external",
"summary": "JBEAP-19942",
"url": "https://issues.redhat.com/browse/JBEAP-19942"
},
{
"category": "external",
"summary": "JBEAP-19955",
"url": "https://issues.redhat.com/browse/JBEAP-19955"
},
{
"category": "external",
"summary": "JBEAP-19965",
"url": "https://issues.redhat.com/browse/JBEAP-19965"
},
{
"category": "external",
"summary": "JBEAP-20027",
"url": "https://issues.redhat.com/browse/JBEAP-20027"
},
{
"category": "external",
"summary": "JBEAP-20037",
"url": "https://issues.redhat.com/browse/JBEAP-20037"
},
{
"category": "external",
"summary": "JBEAP-20064",
"url": "https://issues.redhat.com/browse/JBEAP-20064"
},
{
"category": "external",
"summary": "JBEAP-20087",
"url": "https://issues.redhat.com/browse/JBEAP-20087"
},
{
"category": "external",
"summary": "JBEAP-20112",
"url": "https://issues.redhat.com/browse/JBEAP-20112"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4246.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 7",
"tracking": {
"current_release_date": "2025-08-04T12:02:44+00:00",
"generator": {
"date": "2025-08-04T12:02:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:4246",
"initial_release_date": "2020-10-13T16:50:20+00:00",
"revision_history": [
{
"date": "2020-10-13T16:50:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-13T16:50:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:02:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-25.SP12_redhat_00013.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-25.SP12_redhat_00013.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-8.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox-infinispan@5.0.3-8.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.8-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.8-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-5.redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-2.SP03_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP12_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.3.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.3.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.3.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-invocation@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-codec@1.14.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-client@4.5.12-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-core@4.4.13-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.7-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.26.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity@2.2.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity-engine-core@2.2.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ws-commons-XmlSchema@2.2.5-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.65.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.65.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.65.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.65.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-1.redhat_00001.1.el7eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.1.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.31-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.10.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.3-4.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.3-4.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.3-4.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.3-4.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.3-4.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-25.SP12_redhat_00013.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"product": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"product_id": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-8.Final_redhat_00007.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.9-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.8-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-5.redhat_00011.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src",
"product_id": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-2.SP03_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP12_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.7-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-invocation@1.5.3-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-codec@1.14.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-client@4.5.12-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-core@4.4.13-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.7-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.26.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity@2.2.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.13-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ws-commons-XmlSchema@2.2.5-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.65.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-1.redhat_00001.1.el7eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.17-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.1.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.9-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.31-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.10.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.3-4.GA_redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-3.redhat_1.el7eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-2.Final_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-3.redhat_1.el7eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-3.redhat_1.el7eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src"
},
"product_reference": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14299",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2020-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848533"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14299"
},
{
"category": "external",
"summary": "RHBZ#1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14299",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299"
}
],
"release_date": "2020-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass"
},
{
"cve": "CVE-2020-14338",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the \"use-grammar-pool-only\" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14338"
},
{
"category": "external",
"summary": "RHBZ#1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14338",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338"
}
],
"release_date": "2020-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl"
},
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860218"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14340"
},
{
"category": "external",
"summary": "RHBZ#1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14340",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340"
}
],
"release_date": "2020-07-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:50:20+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4246"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.src",
"7Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el7eap.x86_64",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS"
}
]
}
rhsa-2020:4960
Vulnerability from csaf_redhat
Published
2020-11-05 18:47
Modified
2025-08-07 11:17
Summary
Red Hat Security Advisory: Red Hat Decision Manager 7.9.0 security update
Notes
Topic
An update is now available for Red Hat Decision Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business.
This release of Red Hat Decision Manager 7.9.0 serves as an update to Red Hat Decision Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* batik: SSRF via "xlink:href" (CVE-2019-17566)
* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* ant: insecure temporary file vulnerability (CVE-2020-1945)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2875)
* mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS (CVE-2020-2933)
* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Decision Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model \u0026 Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. \n\nThis release of Red Hat Decision Manager 7.9.0 serves as an update to Red Hat Decision Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* batik: SSRF via \"xlink:href\" (CVE-2019-17566)\n\n* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* ant: insecure temporary file vulnerability (CVE-2020-1945)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\n* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2875)\n\n* mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS (CVE-2020-2933)\n\n* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2934)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4960",
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.9.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.9.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.9/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.9/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1837444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444"
},
{
"category": "external",
"summary": "1848617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848617"
},
{
"category": "external",
"summary": "1851014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014"
},
{
"category": "external",
"summary": "1851019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019"
},
{
"category": "external",
"summary": "1851022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4960.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Decision Manager 7.9.0 security update",
"tracking": {
"current_release_date": "2025-08-07T11:17:19+00:00",
"generator": {
"date": "2025-08-07T11:17:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:4960",
"initial_release_date": "2020-11-05T18:47:03+00:00",
"revision_history": [
{
"date": "2020-11-05T18:47:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-05T18:47:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-07T11:17:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHDM 7.9.0",
"product": {
"name": "RHDM 7.9.0",
"product_id": "RHDM 7.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7.9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Decision Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"RHDM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2019-17566",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2020-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848617"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Batik library, where it is vulnerable to a Server-Side Request Forgery attack (SSRF) via \"xlink:href\" attributes. This flaw allows an attacker to cause the underlying server to make arbitrary GET requests. The highest threat from this vulnerability is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: SSRF via \"xlink:href\"",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17566"
},
{
"category": "external",
"summary": "RHBZ#1848617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17566",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17566"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: SSRF via \"xlink:href\""
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-1945",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2020-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1837444"
}
],
"notes": [
{
"category": "description",
"text": "Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ant: insecure temporary file vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of ant package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1945"
},
{
"category": "external",
"summary": "RHBZ#1837444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945"
}
],
"release_date": "2020-05-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
},
{
"category": "workaround",
"details": "For versions 1.1 to 1.9.14 and 1.10.0 to 1.10.7, set the java.io.tmpdir system property to a private directory-- only readable and writable by the current user-- before running Ant.\n\nFor versions 1.9.15 and 1.10.8, use the Ant property ant.tmpfile instead. Ant 1.10.8 protects the temporary files if the underlying filesystem allows it, but using a private temporary directory is still recommended.",
"product_ids": [
"RHDM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ant: insecure temporary file vulnerability"
},
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"cve": "CVE-2020-2875",
"discovery_date": "2020-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands in MySQL Connectors and other products.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n~~~\nyum-config-manager --enable rhel-server-rhscl-7-rpms\nyum install rh-mariadb103-mariadb-java-client\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2875"
},
{
"category": "external",
"summary": "RHBZ#1851019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete"
},
{
"cve": "CVE-2020-2933",
"discovery_date": "2020-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection, causing a denial of service of the MySQL Connectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n~~~\nyum-config-manager --enable rhel-server-rhscl-7-rpms\nyum install rh-mariadb103-mariadb-java-client\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2933"
},
{
"category": "external",
"summary": "RHBZ#1851022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2933",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2933"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS"
},
{
"cve": "CVE-2020-2934",
"discovery_date": "2020-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n~~~\n # yum-config-manager --enable rhel-server-rhscl-7-rpms\n\n # yum install rh-mariadb103-mariadb-java-client\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2934"
},
{
"category": "external",
"summary": "RHBZ#1851014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"RHDM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHDM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-05T18:47:03+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHDM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4960"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"RHDM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHDM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
}
]
}
rhsa-2020:3585
Vulnerability from csaf_redhat
Published
2020-08-31 15:40
Modified
2025-08-04 12:02
Summary
Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 20 security update
Notes
Topic
This is a security update for JBoss EAP Continuous Delivery 20.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform CD20 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform CD20 includes bug fixes and enhancements.
Security Fix(es):
* jsf-impl: mojarra: Path traversal in ResourceManager.java:getLocalePrefix() via the loc parameter (CVE-2018-14371)
* jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100-continue" header (CVE-2020-10705)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)
* wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)
* cxf-core: cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is a security update for JBoss EAP Continuous Delivery 20.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform CD20 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD20 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* jsf-impl: mojarra: Path traversal in ResourceManager.java:getLocalePrefix() via the loc parameter (CVE-2018-14371)\n\n* jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header (CVE-2020-10705)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n* wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)\n\n* cxf-core: cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\n* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3585",
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=20",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=20"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform_continuous_delivery/20/",
"url": "https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform_continuous_delivery/20/"
},
{
"category": "external",
"summary": "1607709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607709"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1715075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715075"
},
{
"category": "external",
"summary": "1796617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796617"
},
{
"category": "external",
"summary": "1803241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1803241"
},
{
"category": "external",
"summary": "1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828459"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3585.json"
}
],
"title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 20 security update",
"tracking": {
"current_release_date": "2025-08-04T12:02:55+00:00",
"generator": {
"date": "2025-08-04T12:02:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3585",
"initial_release_date": "2020-08-31T15:40:22+00:00",
"revision_history": [
{
"date": "2020-08-31T15:40:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-31T15:40:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:02:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP-CD 20 Tech Preview",
"product": {
"name": "EAP-CD 20 Tech Preview",
"product_id": "EAP-CD 20 Tech Preview",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:20"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14371",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2018-07-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1607709"
}
],
"notes": [
{
"category": "description",
"text": "The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mojarra: Path traversal in ResourceManager.java:getLocalePrefix() via the loc parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14371"
},
{
"category": "external",
"summary": "RHBZ#1607709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14371",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14371"
}
],
"release_date": "2018-07-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"EAP-CD 20 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mojarra: Path traversal in ResourceManager.java:getLocalePrefix() via the loc parameter"
},
{
"acknowledgments": [
{
"names": [
"Brian Stansberry"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10172",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1715075"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity (XXE) vulnerability affects codehaus\u0027s jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-mapper-asl: XML external entity similar to CVE-2016-3720",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10172"
},
{
"category": "external",
"summary": "RHBZ#1715075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715075"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10172"
}
],
"release_date": "2019-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-mapper-asl: XML external entity similar to CVE-2016-3720"
},
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"EAP-CD 20 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2020-1719",
"cwe": {
"id": "CWE-270",
"name": "Privilege Context Switching Error"
},
"discovery_date": "2019-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1796617"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1719"
},
{
"category": "external",
"summary": "RHBZ#1796617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1719",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1719"
}
],
"release_date": "2019-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain"
},
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"acknowledgments": [
{
"names": [
"An Trinh"
]
}
],
"cve": "CVE-2020-6950",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6950"
},
{
"category": "external",
"summary": "RHBZ#1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950"
},
{
"category": "external",
"summary": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/issues/4571",
"url": "https://github.com/eclipse-ee4j/mojarra/issues/4571"
},
{
"category": "external",
"summary": "https://github.com/javaserverfaces/mojarra/issues/4364",
"url": "https://github.com/javaserverfaces/mojarra/issues/4364"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"EAP-CD 20 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"cve": "CVE-2020-10705",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1803241"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where certain requests to the \"Expect: 100-continue\" header may cause an out of memory error. This flaw may potentially lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10705"
},
{
"category": "external",
"summary": "RHBZ#1803241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1803241"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10705"
}
],
"release_date": "2020-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this security flaw.",
"product_ids": [
"EAP-CD 20 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: Memory exhaustion issue in HttpReadListener via \"Expect: 100-continue\" header"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"EAP-CD 20 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"ZeddYu"
]
}
],
"cve": "CVE-2020-10719",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2020-02-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: invalid HTTP request with large chunk size",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10719"
},
{
"category": "external",
"summary": "RHBZ#1828459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10719",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10719"
}
],
"release_date": "2020-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: invalid HTTP request with large chunk size"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"EAP-CD 20 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-11612",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816216"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform end users don\u0027t have direct access to send requests to ElasticSearch. A user could need access to the ElasticSearch service on the internal cluster network in order to be able to send malicious requests to it.\n\n\nThird party scanners flagging Red Hat Satellite due to availability of the higher version packages in Red Hat AMQ Clients (through errata RHSA-2020:2605) compare to the qpid packages from Satellite Tools repository. qpid dependency fixed in errata RHSA-2020:2605 was for Red Hat AMQ Clients and it doesn\u0027t necessarily mean that packages from Satellite Tools are affected. These are two different products with different architecture and code-base. Updating the packages from any other repository than the Satellite-tools repository is not recommended for Satellite Customers. \n\nRed Hat Satellite 6.7 and earlier ship affected version of netty, however, there is no external connection being exposed and it is used by only Artemis to open an internal connection within the JVM. Since netty does not come into contact with untrusted data, vulnerability is not exposed in product code and there is no breach of Confidentiality, Integrity or Availability expected from this vulnerability. We may update the netty and its dependency in a future release.\n\nMore information regarding Satellite related packages can be found on KCS: https://access.redhat.com/solutions/5200591",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 20 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11612"
},
{
"category": "external",
"summary": "RHBZ#1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11612",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612"
}
],
"release_date": "2020-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-31T15:40:22+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 20 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3585"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP-CD 20 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes"
}
]
}
rhsa-2020:4244
Vulnerability from csaf_redhat
Published
2020-10-13 16:49
Modified
2025-08-04 12:03
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 6
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)
* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)
* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)\n\n* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)\n\n* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4244",
"url": "https://access.redhat.com/errata/RHSA-2020:4244"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "JBEAP-19379",
"url": "https://issues.redhat.com/browse/JBEAP-19379"
},
{
"category": "external",
"summary": "JBEAP-19442",
"url": "https://issues.redhat.com/browse/JBEAP-19442"
},
{
"category": "external",
"summary": "JBEAP-19596",
"url": "https://issues.redhat.com/browse/JBEAP-19596"
},
{
"category": "external",
"summary": "JBEAP-19613",
"url": "https://issues.redhat.com/browse/JBEAP-19613"
},
{
"category": "external",
"summary": "JBEAP-19615",
"url": "https://issues.redhat.com/browse/JBEAP-19615"
},
{
"category": "external",
"summary": "JBEAP-19642",
"url": "https://issues.redhat.com/browse/JBEAP-19642"
},
{
"category": "external",
"summary": "JBEAP-19695",
"url": "https://issues.redhat.com/browse/JBEAP-19695"
},
{
"category": "external",
"summary": "JBEAP-19698",
"url": "https://issues.redhat.com/browse/JBEAP-19698"
},
{
"category": "external",
"summary": "JBEAP-19700",
"url": "https://issues.redhat.com/browse/JBEAP-19700"
},
{
"category": "external",
"summary": "JBEAP-19701",
"url": "https://issues.redhat.com/browse/JBEAP-19701"
},
{
"category": "external",
"summary": "JBEAP-19715",
"url": "https://issues.redhat.com/browse/JBEAP-19715"
},
{
"category": "external",
"summary": "JBEAP-19746",
"url": "https://issues.redhat.com/browse/JBEAP-19746"
},
{
"category": "external",
"summary": "JBEAP-19789",
"url": "https://issues.redhat.com/browse/JBEAP-19789"
},
{
"category": "external",
"summary": "JBEAP-19791",
"url": "https://issues.redhat.com/browse/JBEAP-19791"
},
{
"category": "external",
"summary": "JBEAP-19795",
"url": "https://issues.redhat.com/browse/JBEAP-19795"
},
{
"category": "external",
"summary": "JBEAP-19796",
"url": "https://issues.redhat.com/browse/JBEAP-19796"
},
{
"category": "external",
"summary": "JBEAP-19822",
"url": "https://issues.redhat.com/browse/JBEAP-19822"
},
{
"category": "external",
"summary": "JBEAP-19888",
"url": "https://issues.redhat.com/browse/JBEAP-19888"
},
{
"category": "external",
"summary": "JBEAP-19934",
"url": "https://issues.redhat.com/browse/JBEAP-19934"
},
{
"category": "external",
"summary": "JBEAP-19935",
"url": "https://issues.redhat.com/browse/JBEAP-19935"
},
{
"category": "external",
"summary": "JBEAP-19936",
"url": "https://issues.redhat.com/browse/JBEAP-19936"
},
{
"category": "external",
"summary": "JBEAP-19937",
"url": "https://issues.redhat.com/browse/JBEAP-19937"
},
{
"category": "external",
"summary": "JBEAP-19938",
"url": "https://issues.redhat.com/browse/JBEAP-19938"
},
{
"category": "external",
"summary": "JBEAP-19939",
"url": "https://issues.redhat.com/browse/JBEAP-19939"
},
{
"category": "external",
"summary": "JBEAP-19940",
"url": "https://issues.redhat.com/browse/JBEAP-19940"
},
{
"category": "external",
"summary": "JBEAP-19942",
"url": "https://issues.redhat.com/browse/JBEAP-19942"
},
{
"category": "external",
"summary": "JBEAP-19955",
"url": "https://issues.redhat.com/browse/JBEAP-19955"
},
{
"category": "external",
"summary": "JBEAP-19965",
"url": "https://issues.redhat.com/browse/JBEAP-19965"
},
{
"category": "external",
"summary": "JBEAP-20027",
"url": "https://issues.redhat.com/browse/JBEAP-20027"
},
{
"category": "external",
"summary": "JBEAP-20037",
"url": "https://issues.redhat.com/browse/JBEAP-20037"
},
{
"category": "external",
"summary": "JBEAP-20064",
"url": "https://issues.redhat.com/browse/JBEAP-20064"
},
{
"category": "external",
"summary": "JBEAP-20087",
"url": "https://issues.redhat.com/browse/JBEAP-20087"
},
{
"category": "external",
"summary": "JBEAP-20112",
"url": "https://issues.redhat.com/browse/JBEAP-20112"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4244.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 6",
"tracking": {
"current_release_date": "2025-08-04T12:03:29+00:00",
"generator": {
"date": "2025-08-04T12:03:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:4244",
"initial_release_date": "2020-10-13T16:49:49+00:00",
"revision_history": [
{
"date": "2020-10-13T16:49:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-13T16:49:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T12:03:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-25.SP12_redhat_00013.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-25.SP12_redhat_00013.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-8.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox-infinispan@5.0.3-8.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-5.redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.8-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.8-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-2.SP03_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.3.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.3.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.3.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-invocation@1.5.3-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-codec@1.14.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP12_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-client@4.5.12-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-core@4.4.13-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.7-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.26.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity@2.2.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity-engine-core@2.2.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ws-commons-XmlSchema@2.2.5-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.65.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.65.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.65.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.65.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-1.redhat_00001.1.el6eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.1.10-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.10-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.31-1.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.10.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.3-4.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.3-4.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.3-4.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-25.SP12_redhat_00013.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"product": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"product_id": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketbox@5.0.3-8.Final_redhat_00007.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-5.redhat_00011.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.9-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.8-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src",
"product_id": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xerces-j2@2.12.0-2.SP03_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.7-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-invocation@1.5.3-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-codec@1.14.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP12_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.18-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-client@4.5.12-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-core@4.4.13-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.7-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.26.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-velocity@2.2.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.13-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ws-commons-XmlSchema@2.2.5-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.65.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-1.redhat_00001.1.el6eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.17-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jgroups@4.1.10-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.10-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.9-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.31-1.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.10.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.3-4.GA_redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-3.redhat_1.el6eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-2.Final_redhat_00002.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-3.redhat_1.el6eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-3.redhat_1.el6eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64 as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64 as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src"
},
"product_reference": "eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:49:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4244"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14299",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2020-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848533"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14299"
},
{
"category": "external",
"summary": "RHBZ#1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14299",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299"
}
],
"release_date": "2020-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:49:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4244"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass"
},
{
"cve": "CVE-2020-14338",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the \"use-grammar-pool-only\" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14338"
},
{
"category": "external",
"summary": "RHBZ#1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14338",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338"
}
],
"release_date": "2020-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:49:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4244"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl"
},
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860218"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14340"
},
{
"category": "external",
"summary": "RHBZ#1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14340",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340"
}
],
"release_date": "2020-07-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-13T16:49:49+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4244"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-5.redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-native-1:1.0.2-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-5.redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-codec-0:1.14.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-commons-lang-0:3.10.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.src",
"6Server-JBEAP-7.3:eap7-artemis-native-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-artemis-native-wildfly-1:1.0.2-3.redhat_1.el6eap.x86_64",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.65.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.65.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP12_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-client-0:4.5.12-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-httpcomponents-core-0:4.4.13-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jberet-0:1.3.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jberet-core-0:1.3.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-invocation-0:1.5.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jgroups-0:4.1.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketbox-0:5.0.3-8.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketbox-infinispan-0:5.0.3-8.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-picketlink-bindings-0:2.5.5-25.SP12_redhat_00013.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-picketlink-wildfly8-0:2.5.5-25.SP12_redhat_00013.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-snakeyaml-0:1.26.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.31-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-velocity-0:2.2.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-velocity-engine-core-0:2.2.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.3-4.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.3-4.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-transaction-client-0:1.1.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ws-commons-XmlSchema-0:2.2.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-xerces-j2-0:2.12.0-2.SP03_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS"
}
]
}
ghsa-ffm7-7r8g-77xm
Vulnerability from github
Published
2022-02-10 22:38
Modified
2023-09-26 10:43
Severity ?
VLAI Severity ?
Summary
Apache CXF JMX Integration is vulnerable to a MITM attack
Details
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the createMBServerConnectorFactory property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cxf:cxf-rt-management"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.13"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.cxf:cxf-rt-management"
},
"ranges": [
{
"events": [
{
"introduced": "3.3.0"
},
{
"fixed": "3.3.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-1954"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-07T18:12:21Z",
"nvd_published_at": "2020-04-01T21:15:00Z",
"severity": "MODERATE"
},
"details": "Apache CXF has the ability to integrate with JMX by registering an `InstrumentationManager` extension with the CXF bus. If the `createMBServerConnectorFactory` property of the default `InstrumentationManagerImpl` is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"id": "GHSA-ffm7-7r8g-77xm",
"modified": "2023-09-26T10:43:36Z",
"published": "2022-02-10T22:38:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
},
{
"type": "WEB",
"url": "https://github.com/apache/cxf/commit/1cf4fed546904a4a2560f53a2a2391d834b4026c"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220210-0001"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"type": "WEB",
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Apache CXF JMX Integration is vulnerable to a MITM attack"
}
fkie_cve-2020-1954
Vulnerability from fkie_nvd
Published
2020-04-01 21:15
Modified
2024-11-21 05:11
Severity ?
Summary
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@apache.org | http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2 | Vendor Advisory | |
| security@apache.org | https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E | ||
| security@apache.org | https://security.netapp.com/advisory/ntap-20220210-0001/ | Patch, Third Party Advisory | |
| security@apache.org | https://www.oracle.com/security-alerts/cpuoct2020.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220210-0001/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuoct2020.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | cxf | * | |
| apache | cxf | * | |
| oracle | communications_diameter_signaling_router | * | |
| oracle | communications_element_manager | * | |
| oracle | communications_session_report_manager | * | |
| oracle | enterprise_manager_base_platform | 13.2.1.0 | |
| oracle | peoplesoft_enterprise_peopletools | 8.56 | |
| netapp | oncommand_workflow_automation | - | |
| netapp | snapmanager | - | |
| oracle | communications_diameter_signaling_router_idih\ | ||
| oracle | communications_element_manager | * | |
| oracle | communications_session_report_manager | * | |
| oracle | communications_session_route_manager | * | |
| oracle | enterprise_manager_base_platform | 13.2.1.0 | |
| oracle | peoplesoft_enterprise_peopletools | 8.56 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD0BC46-24B2-493D-8FF3-BF4D49A5F215",
"versionEndExcluding": "3.2.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E7E391-B755-4F71-934A-B16CA8351D78",
"versionEndExcluding": "3.3.6",
"versionStartIncluding": "3.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "526E2FE5-263F-416F-8628-6CD40B865780",
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B51F78F4-8D7E-48C2-86D1-D53A6EB348A7",
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5416A1-EE58-415D-9645-B6A875EBAED2",
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66916DEB-ACE1-44E0-9535-10B3E03347AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\::*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAFED7F5-03FA-43B5-AD13-1130F0324448",
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B51F78F4-8D7E-48C2-86D1-D53A6EB348A7",
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5416A1-EE58-415D-9645-B6A875EBAED2",
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11B0C37E-D7C7-45F2-A8D8-5A3B1B191430",
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66916DEB-ACE1-44E0-9535-10B3E03347AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A735B4-4F3C-416B-8C08-9CB21BAD2889",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX."
},
{
"lang": "es",
"value": "Apache CXF posee la capacidad de integrarse con JMX mediante el registro de una extensi\u00f3n InstrumentationManager con el bus CXF. Si la propiedad \"createMBServerConnectorFactory\" del InstrumentationManagerImpl predeterminado no est\u00e1 deshabilitada, entonces es vulnerable a un ataque de estilo man-in-the-middle (MITM). Un atacante en el mismo host puede conectar con el registro y volver a vincular la entrada a otro servidor, y as\u00ed actuar como un proxy del original. Pueden luego obtener acceso a toda la informaci\u00f3n que es enviada y recibida a trav\u00e9s de JMX."
}
],
"id": "CVE-2020-1954",
"lastModified": "2024-11-21T05:11:43.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T21:15:14.597",
"references": [
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0001/"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2020-1954
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-1954",
"description": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"id": "GSD-2020-1954",
"references": [
"https://access.redhat.com/errata/RHSA-2020:4961",
"https://access.redhat.com/errata/RHSA-2020:4960",
"https://access.redhat.com/errata/RHSA-2020:4931",
"https://access.redhat.com/errata/RHSA-2020:4247",
"https://access.redhat.com/errata/RHSA-2020:4246",
"https://access.redhat.com/errata/RHSA-2020:4245",
"https://access.redhat.com/errata/RHSA-2020:4244",
"https://access.redhat.com/errata/RHSA-2020:3585"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-1954"
],
"details": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"id": "GSD-2020-1954",
"modified": "2023-12-13T01:21:58.344099Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-1954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache CXF",
"version": {
"version_data": [
{
"version_value": "affects all versions prior to 3.3.6 and 3.2.13"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2",
"refsource": "MISC",
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220210-0001/"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,3.2.13),[3.3.0,3.3.6)",
"affected_versions": "All versions before 3.2.13, all versions starting from 3.3.0 before 3.3.6",
"cvss_v2": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-200",
"CWE-937"
],
"date": "2021-07-21",
"description": "Apache CXF has the ability to integrate with JMX by registering an `InstrumentationManager` extension with the CXF bus. If the `createMBServerConnectorFactory` property of the default `InstrumentationManagerImpl` is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack.",
"fixed_versions": [
"3.2.13",
"3.3.6"
],
"identifier": "CVE-2020-1954",
"identifiers": [
"CVE-2020-1954"
],
"not_impacted": "All versions starting from 3.2.13 before 3.3.0, all versions starting from 3.3.6",
"package_slug": "maven/org.apache.cxf/cxf-core",
"pubdate": "2020-04-01",
"solution": "Upgrade to versions 3.2.13, 3.3.6 or above.",
"title": "Information Exposure",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
],
"uuid": "5fcd3828-c250-419f-b1cf-cde15007fbc3"
},
{
"affected_range": "(,3.2.13),[3.3.0,3.3.6)",
"affected_versions": "All versions before 3.2.13, all versions starting from 3.3.0 before 3.3.6",
"cvss_v2": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-200",
"CWE-937"
],
"date": "2021-07-21",
"description": "Apache CXF has the ability to integrate with JMX by registering an `InstrumentationManager` extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default `InstrumentationManagerImpl` is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"fixed_versions": [
"3.2.13",
"3.3.6"
],
"identifier": "CVE-2020-1954",
"identifiers": [
"CVE-2020-1954"
],
"not_impacted": "All versions starting from 3.2.13 before 3.3.0, all versions starting from 3.3.6",
"package_slug": "maven/org.apache.cxf/cxf-rt-management",
"pubdate": "2020-04-01",
"solution": "Upgrade to versions 3.2.13, 3.3.6 or above.",
"title": "Information Exposure",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
],
"uuid": "6a0dcb68-c768-49aa-9bed-28102c7d966f"
},
{
"affected_range": "(,3.3.6)",
"affected_versions": "All versions before 3.3.6",
"cvss_v2": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2022-02-11",
"description": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"fixed_versions": [
"3.3.6"
],
"identifier": "CVE-2020-1954",
"identifiers": [
"GHSA-ffm7-7r8g-77xm",
"CVE-2020-1954"
],
"not_impacted": "All versions starting from 3.3.6",
"package_slug": "maven/org.apache.cxf/cxf",
"pubdate": "2022-02-10",
"solution": "Upgrade to version 3.3.6 or above.",
"title": "Exposure of Sensitive Information to an Unauthorized Actor in Apache CXF",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E",
"https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E",
"https://www.oracle.com/security-alerts/cpuoct2020.html",
"http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2",
"https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E",
"https://security.netapp.com/advisory/ntap-20220210-0001/",
"https://github.com/advisories/GHSA-ffm7-7r8g-77xm"
],
"uuid": "7b3d4613-c873-437f-9496-7ad561ff8558"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.13",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.3.6",
"versionStartIncluding": "3.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\\::*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-1954"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1\u0026modificationDate=1585730169000\u0026api=v2"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"refsource": "MLIST",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0001/",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0001/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-02-21T02:52Z",
"publishedDate": "2020-04-01T21:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…