Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-25649 (GCVE-0-2020-25649)
Vulnerability from cvelistv5 – Published: 2020-12-03 16:16 – Updated: 2024-08-04 15:40
VLAI
EPSS
Summary
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Severity
No CVSS data available.
CWE
Assigner
References
71 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | jackson-databind |
Affected:
jackson-databind-2.11.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:40:36.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
},
{
"name": "[kafka-jira] 20201205 [GitHub] [kafka] sirocchj opened a new pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20201208 [GitHub] [druid] jihoonson opened a new pull request #10655: Bump up jackson-databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] sirocchj edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] niteshmor edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20201215 Re: [VOTE] 2.7.0 RC5",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20201215 Re: [VOTE] 2.7.0 RC5",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma merged pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210105 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0%40%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[kafka-dev] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] edwin092 opened a new pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210106 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] asfgit closed pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5.9 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] nkalmar commented on pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch master updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210116 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[flink-issues] 20210121 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210122 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[tomee-commits] 20210127 [jira] [Created] (TOMEE-2965) CVE-2020-25649 - Update jackson databind",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a%40%3Ccommits.tomee.apache.org%3E"
},
{
"name": "FEDORA-2021-1d8254899c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] svogt opened a new pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] jbonofre merged pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [karaf] branch master updated: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] jbonofre commented on pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Assigned] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-dev] 20210223 [jira] [Created] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1%40%3Cdev.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210315 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210316 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[turbine-commits] 20210316 svn commit: r1887732 - in /turbine/fulcrum/trunk/json: ./ jackson/ jackson/src/test/org/apache/fulcrum/json/jackson/ jackson2/ jackson2/src/test/org/apache/fulcrum/json/jackson/ jackson2/src/test/org/apache/fulcrum/json/jackson/mixins/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386%40%3Ccommits.turbine.apache.org%3E"
},
{
"name": "[iotdb-notifications] 20210324 [jira] [Created] (IOTDB-1256) Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8%40%3Cnotifications.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 opened a new pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042%40%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 closed pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60%40%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[iotdb-commits] 20210325 [iotdb] branch master updated: [IOTDB-1256] upgrade Jackson to 2.11.0 because of loopholes CVE-2020-25649 (#2896)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07%40%3Ccommits.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210325 [GitHub] [iotdb] jixuan1989 merged pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb%40%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[hive-issues] 20210503 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210510 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210514 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[knox-dev] 20210601 [jira] [Created] (KNOX-2614) Upgrade Jackson due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb%40%3Cdev.knox.apache.org%3E"
},
{
"name": "[knox-dev] 20210601 [jira] [Updated] (KNOX-2614) Upgrade jackson-databind to 2.10.5 due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61%40%3Cdev.knox.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83%40%3Ccommits.servicecomb.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210108-0007/"
},
{
"name": "[spark-user] 20210621 Re: CVEs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3%40%3Cuser.spark.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[hive-issues] 20211012 [jira] [Resolved] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211012 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949%40%3Cissues.hive.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jackson-databind",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "jackson-databind-2.11.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:15:31.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
},
{
"name": "[kafka-jira] 20201205 [GitHub] [kafka] sirocchj opened a new pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20201208 [GitHub] [druid] jihoonson opened a new pull request #10655: Bump up jackson-databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] sirocchj edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] niteshmor edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20201215 Re: [VOTE] 2.7.0 RC5",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20201215 Re: [VOTE] 2.7.0 RC5",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma merged pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210105 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0%40%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[kafka-dev] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] edwin092 opened a new pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210106 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] asfgit closed pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5.9 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] nkalmar commented on pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch master updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210116 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[flink-issues] 20210121 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210122 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd%40%3Cissues.flink.apache.org%3E"
},
{
"name": "[tomee-commits] 20210127 [jira] [Created] (TOMEE-2965) CVE-2020-25649 - Update jackson databind",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a%40%3Ccommits.tomee.apache.org%3E"
},
{
"name": "FEDORA-2021-1d8254899c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] svogt opened a new pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] jbonofre merged pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [karaf] branch master updated: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] jbonofre commented on pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402%40%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Assigned] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-dev] 20210223 [jira] [Created] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1%40%3Cdev.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210315 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210316 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[turbine-commits] 20210316 svn commit: r1887732 - in /turbine/fulcrum/trunk/json: ./ jackson/ jackson/src/test/org/apache/fulcrum/json/jackson/ jackson2/ jackson2/src/test/org/apache/fulcrum/json/jackson/ jackson2/src/test/org/apache/fulcrum/json/jackson/mixins/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386%40%3Ccommits.turbine.apache.org%3E"
},
{
"name": "[iotdb-notifications] 20210324 [jira] [Created] (IOTDB-1256) Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8%40%3Cnotifications.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 opened a new pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042%40%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 closed pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60%40%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[iotdb-commits] 20210325 [iotdb] branch master updated: [IOTDB-1256] upgrade Jackson to 2.11.0 because of loopholes CVE-2020-25649 (#2896)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07%40%3Ccommits.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210325 [GitHub] [iotdb] jixuan1989 merged pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb%40%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[hive-issues] 20210503 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210510 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210514 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[knox-dev] 20210601 [jira] [Created] (KNOX-2614) Upgrade Jackson due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb%40%3Cdev.knox.apache.org%3E"
},
{
"name": "[knox-dev] 20210601 [jira] [Updated] (KNOX-2614) Upgrade jackson-databind to 2.10.5 due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61%40%3Cdev.knox.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83%40%3Ccommits.servicecomb.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210108-0007/"
},
{
"name": "[spark-user] 20210621 Re: CVEs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3%40%3Cuser.spark.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[hive-issues] 20211012 [jira] [Resolved] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211012 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949%40%3Cissues.hive.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-25649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jackson-databind",
"version": {
"version_data": [
{
"version_value": "jackson-databind-2.11.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"name": "https://github.com/FasterXML/jackson-databind/issues/2589",
"refsource": "MISC",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
},
{
"name": "[kafka-jira] 20201205 [GitHub] [kafka] sirocchj opened a new pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20201208 [GitHub] [druid] jihoonson opened a new pull request #10655: Bump up jackson-databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda@%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] sirocchj edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201209 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] sirocchj commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] niteshmor edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201210 [GitHub] [kafka] niteshmor commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma commented on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20201215 Re: [VOTE] 2.7.0 RC5",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20201215 Re: [VOTE] 2.7.0 RC5",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma merged pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20201215 [GitHub] [kafka] ijuma edited a comment on pull request #9702: CVE-2020-25649: bumping jackson to patched version 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210105 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210105 [jira] [Created] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0@%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[kafka-dev] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210105 Re: [kafka-clients] Re: [VOTE] 2.6.1 RC3",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080@%3Cusers.kafka.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] edwin092 opened a new pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210106 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] asfgit closed pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5.9 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210106 [GitHub] [zookeeper] nkalmar commented on pull request #1572: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210106 [zookeeper] branch master updated: ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210116 [jira] [Commented] (ZOOKEEPER-4045) CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[flink-issues] 20210121 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3@%3Cissues.flink.apache.org%3E"
},
{
"name": "[flink-issues] 20210122 [GitHub] [flink-shaded] HuangXingBo opened a new pull request #93: [FLINK-21020][jackson] Bump version to 2.12.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd@%3Cissues.flink.apache.org%3E"
},
{
"name": "[tomee-commits] 20210127 [jira] [Created] (TOMEE-2965) CVE-2020-25649 - Update jackson databind",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a@%3Ccommits.tomee.apache.org%3E"
},
{
"name": "FEDORA-2021-1d8254899c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] svogt opened a new pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1@%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] jbonofre merged pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb@%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [karaf] branch master updated: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22@%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[karaf-commits] 20210217 [GitHub] [karaf] jbonofre commented on pull request #1296: Update jackson-databind to fix CVE-2020-25649 / BDSA-2020-2965",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402@%3Ccommits.karaf.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Assigned] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-dev] 20210223 [jira] [Created] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1@%3Cdev.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210223 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210315 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210316 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7@%3Cissues.hive.apache.org%3E"
},
{
"name": "[turbine-commits] 20210316 svn commit: r1887732 - in /turbine/fulcrum/trunk/json: ./ jackson/ jackson/src/test/org/apache/fulcrum/json/jackson/ jackson2/ jackson2/src/test/org/apache/fulcrum/json/jackson/ jackson2/src/test/org/apache/fulcrum/json/jackson/mixins/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386@%3Ccommits.turbine.apache.org%3E"
},
{
"name": "[iotdb-notifications] 20210324 [jira] [Created] (IOTDB-1256) Jackson have loopholes CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8@%3Cnotifications.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 opened a new pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042@%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210324 [GitHub] [iotdb] wangchao316 closed pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60@%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[iotdb-commits] 20210325 [iotdb] branch master updated: [IOTDB-1256] upgrade Jackson to 2.11.0 because of loopholes CVE-2020-25649 (#2896)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07@%3Ccommits.iotdb.apache.org%3E"
},
{
"name": "[iotdb-reviews] 20210325 [GitHub] [iotdb] jixuan1989 merged pull request #2896: [IOTDB-1256] Jackson have loopholes CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb@%3Creviews.iotdb.apache.org%3E"
},
{
"name": "[hive-issues] 20210503 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210510 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20210514 [jira] [Work logged] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524@%3Cissues.hive.apache.org%3E"
},
{
"name": "[knox-dev] 20210601 [jira] [Created] (KNOX-2614) Upgrade Jackson due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb@%3Cdev.knox.apache.org%3E"
},
{
"name": "[knox-dev] 20210601 [jira] [Updated] (KNOX-2614) Upgrade jackson-databind to 2.10.5 due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61@%3Cdev.knox.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83@%3Ccommits.servicecomb.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83@%3Ccommits.servicecomb.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210108-0007/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210108-0007/"
},
{
"name": "[spark-user] 20210621 Re: CVEs",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3@%3Cuser.spark.apache.org%3E"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[kafka-dev] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210831 Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-users] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cusers.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210901 Re: [EXTERNAL] Re: Security vulnerabilities in kafka:2.13-2.6.0/2.7.0 docker image",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[hive-issues] 20211012 [jira] [Resolved] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211012 [jira] [Updated] (HIVE-24816) Upgrade jackson to 2.10.5.1 or 2.11.0+ due to CVE-2020-25649",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949@%3Cissues.hive.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-25649",
"datePublished": "2020-12-03T16:16:50.000Z",
"dateReserved": "2020-09-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:40:36.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-25649",
"date": "2026-05-29",
"epss": "0.00075",
"percentile": "0.2257"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-25649\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-12-03T17:15:12.503\",\"lastModified\":\"2024-11-21T05:18:20.343\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un fallo en FasterXML Jackson Databind, donde no ten\u00eda la expansi\u00f3n de entidad asegurada apropiadamente. Este fallo permite una vulnerabilidad a ataques de tipo XML external entity (XXE). La mayor amenaza de esta vulnerabilidad es la integridad de los datos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.0\",\"versionEndExcluding\":\"2.6.7.4\",\"matchCriteriaId\":\"2C23395F-4438-4B80-9DA6-87E760F7459A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.10.7\",\"matchCriteriaId\":\"7703D07D-5784-47D1-9391-D376A24D7C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.10.0\",\"versionEndExcluding\":\"2.10.5.1\",\"matchCriteriaId\":\"28C07803-813B-4AAC-9C08-9EB83756F16B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC98B22-FFAA-4B59-8E63-EBAA4336AD13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7081652A-D28B-494E-94EF-CA88117F23EE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.6.1\",\"matchCriteriaId\":\"ADFFB9C4-DE43-4ADC-B1C7-6F034741D9C3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:iotdb:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.12.0\",\"matchCriteriaId\":\"8C798AD5-AAF5-4044-B348-336F4CFA86CF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C650FEDB-E903-4C2D-AD40-282AB5F2E3C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.6:*:*:*:*:e-business_suite:*:*\",\"matchCriteriaId\":\"5B62CB3B-FDDF-4AFF-A47E-6ADE6504D451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_apis:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.1\",\"versionEndIncluding\":\"18.3\",\"matchCriteriaId\":\"6DF2D056-3118-4C31-BEDD-69F016898CBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF34B11F-3DE1-4C22-8EB1-AEE5CE5E4172\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86F03B63-F922-45CD-A7D1-326DB0042875\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_apis:20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CBFC93F-8B39-45A2-981C-59B187169BD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0843465C-F940-4FFC-998D-9A2668B75EA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132CE62A-FBFC-4001-81EC-35D81F73AF48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"282150FF-C945-4A3E-8A80-E8757A8907EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"645AA3D1-C8B5-4CD2-8ACE-31541FA267F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBCE22C0-4253-40A5-89AE-499A3BC9EFF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB9FC9AB-1070-420F-870E-A5EC43A924A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C5C28ED-C5AA-40B9-9B26-6A91D20B3E1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_treasury_management:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"180F3D2A-7E7A-4DE9-9792-942CB3D6B51E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.1.2\",\"matchCriteriaId\":\"D0DBC938-A782-433F-8BF1-CA250C332AA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:coherence:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FF57C7A-92C9-4D71-A7B1-CC9DEFAA8193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:coherence:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA64A1D-34F9-4441-857A-25C165E6DBB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:commerce_platform:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.3.0\",\"versionEndIncluding\":\"11.3.2\",\"matchCriteriaId\":\"F012E976-E219-46C2-8177-60ED859594BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:commerce_platform:11.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21BEF2FC-89B8-4D97-BB3A-C1ECA19D03B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"790A89FD-6B86-49AE-9B4F-AE7262915E13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E39D442D-1997-49AF-8B02-5640BE2A26CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB1BC31C-6016-42A8-9517-2FBBC92620CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4012B512-DB7D-476A-93A6-51054DD6E3D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"987811D5-DA5E-493D-8709-F9231A84E5F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4A94B36-479F-48F2-9B9E-ACEA2589EF48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46E23F2E-6733-45AF-9BD9-1A600BD278C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E812639B-EE28-4C68-9F6F-70C8BF981C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28AD22B9-A037-419C-8D72-8B062E6882FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A23B00C1-878A-4B55-B87B-EFFFA6A5E622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A28F42F0-FBDA-4574-AD30-7A04F27FEA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"062E4E7C-55BB-46F3-8B61-5A663B565891\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7637F8B-15F1-42E2-BE18-E1FF7C66587D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7BE0590-31BD-4FCD-B50E-A5F86196F99E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_empirica_signal:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2051BA9E-E635-47D5-B942-8AC26E9487CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_empirica_signal:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EA81FC1-63E1-479F-941C-930351E43010\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"1DDB3D8B-1D04-4345-BB27-723186719CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_policy_administration:11.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F89EC4B-6D34-40F0-B7C6-C03D03F81C13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"5DEAB5CD-4223-4A43-AB9E-486113827A6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E25293-CB03-44CE-A8ED-04B3A0487A6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.5.3\",\"matchCriteriaId\":\"A0A366B8-1B5C-4C9E-A761-1AB1547D7404\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.2.5.3\",\"matchCriteriaId\":\"4BCA7DD9-8599-4E43-9D82-999BE15483B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"6951D244-845C-4BF2-AC75-F226B0C39C77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.12.0\",\"versionEndIncluding\":\"17.12.11\",\"matchCriteriaId\":\"8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.8.0\",\"versionEndIncluding\":\"18.8.11\",\"matchCriteriaId\":\"53E2276C-9515-46F6-A621-213A3047B9A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.12.0\",\"versionEndIncluding\":\"19.12.10\",\"matchCriteriaId\":\"3EF7E2B4-B741-41E9-8EF6-6C415AB9EF54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A932C79-8646-4023-9C12-9C7A2A6840EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E702EBED-DB39-4084-84B1-258BC5FE7545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F7956BF-D5B6-484B-999C-36B45CD8B75B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:16.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEE71EA5-B315-4F1E-BFEE-EC426B562F7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"490B2C44-CECD-4551-B04F-4076D0E053C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48EFC111-B01B-4C34-87E4-D6B2C40C0122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073FEA23-E46A-4C73-9D29-95CFF4F5A59D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E39D5C-5EFA-4FEB-909E-0A92004F2563\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.3.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5BBA303-8D2B-48C5-B52A-4E192166699C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.3.0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DF02546-3F0D-4FDD-89B1-8A3FE43FB5BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F906F04-39E4-4BE4-8A73-9D058AAADB43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B393A82-476A-4270-A903-38ED4169E431\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85CAE52B-C2CA-4C6B-A0B7-2B9D6F0499E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A4F71A-4269-40FC-8F61-1D1301F2B728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A502118-5B2B-47AE-82EC-1999BD841103\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:communications_messaging_server:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E819270D-AA7D-4B0E-990B-D25AB6E46FBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7569C0BD-16C1-441E-BAEB-840C94BE73EF\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1887664\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/issues/2589\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386%40%3Ccommits.turbine.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda%40%3Ccommits.druid.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1%40%3Cdev.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83%40%3Ccommits.servicecomb.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd%40%3Cissues.flink.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042%40%3Creviews.iotdb.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61%40%3Cdev.knox.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cdev.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cusers.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb%40%3Creviews.iotdb.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07%40%3Ccommits.iotdb.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8%40%3Cnotifications.iotdb.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60%40%3Creviews.iotdb.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3%40%3Cuser.spark.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cdev.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cusers.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0%40%3Cdev.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a%40%3Ccommits.tomee.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3%40%3Cissues.flink.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb%40%3Cdev.knox.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1%40%3Cissues.hive.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca%40%3Cjira.kafka.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210108-0007/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1887664\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/issues/2589\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r011d1430e8f40dff9550c3bc5d0f48b14c01ba8aecabd91d5e495386%40%3Ccommits.turbine.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r024b7bda9c43c5560d81238748775c5ecfe01b57280f90df1f773949%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r04529cedaca40c2ff90af4880493f9c88a8ebf4d1d6c861d23108a5a%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0881e23bd9034c8f51fdccdc8f4d085ba985dcd738f8520569ca5c3d%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0b8dc3acd4503e4ecb6fbd6ea7d95f59941168d8452ac0ab1d1d96bb%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1b7ed0c4b6c4301d4dfd6fdbc5581b0a789d3240cab55d766f33c6c6%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2882fc1f3032cd7be66e28787f04ec6f1874ac68d47e310e30ff7eb1%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2b6ddb3a4f4cd11d8f6305011e1b7438ba813511f2e3ab3180c7ffda%40%3Ccommits.druid.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2eb66c182853c69ecfb52f63d3dec09495e9b65be829fd889a081ae1%40%3Cdev.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2f5c5479f99398ef344b7ebd4d90bc3316236c45d0f3bc42090efcd7%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r31f4ee7d561d56a0c2c2c6eb1d6ce3e05917ff9654fdbfec05dc2b83%40%3Ccommits.servicecomb.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3e6ae311842de4e64c5d560a475b7f9cc7e0a9a8649363c6cf7537eb%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r407538adec3185dd35a05c9a26ae2f74425b15132470cf540f41d85b%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r45e7350dfc92bb192f3f88e9971c11ab2be0953cc375be3dda5170bd%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5b130fe668503c4b7e2caf1b16f86b7f2070fd1b7ef8f26195a2ffbd%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5f8a1608d758936bd6bbc5eed980777437b611537bf6fff40663fc71%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r605764e05e201db33b3e9c2e66ff620658f07ad74f296abe483f7042%40%3Creviews.iotdb.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r63c87aab97155f3f3cbe11d030c4a184ea0de440ee714977db02e956%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r68d029ee74ab0f3b0569d0c05f5688cb45dd3abe96a6534735252805%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r6a4f3ef6edfed2e0884269d84798f766779bbbc1005f7884e0800d61%40%3Cdev.knox.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r6a6df5647583541e3cb71c75141008802f7025cee1c430d4ed78f4cc%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r6b11eca1d646f45eb0d35d174e6b1e47cfae5295b92000856bfb6304%40%3Cusers.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r6cbd599b80e787f02ff7a1391d9278a03f37d6a6f4f943f0f01a62fb%40%3Creviews.iotdb.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r6e3d4f7991542119a4ca6330271d7fbf7b9fb3abab24ada82ddf1ee4%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r73bef1bb601a9f093f915f8075eb49fcca51efade57b817afd5def07%40%3Ccommits.iotdb.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r765283e145049df9b8998f14dcd444345555aae02b1610cfb3188bf8%40%3Cnotifications.iotdb.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r78d53a0a269c18394daf5940105dc8c7f9a2399503c2e78be20abe7e%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7cb5b4b3e4bd41a8042e5725b7285877a17bcbf07f4eb3f7b316af60%40%3Creviews.iotdb.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r86c78bf7656fdb2dab69cbf17f3d7492300f771025f1a3a65d5e5ce5%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r8764bb835bcb8e311c882ff91dd3949c9824e905e880930be56f6ba3%40%3Cuser.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r8937a7160717fe8b2221767163c4de4f65bc5466405cb1c5310f9080%40%3Cusers.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r8ae961c80930e2717c75025414ce48a432cea1137c02f648b1fb9524%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r900d4408c4189b376d1ec580ea7740ea6f8710dc2f0b7e9c9eeb5ae0%40%3Cdev.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r90d1e97b0a743cf697d89a792a9b669909cc5a1692d1e0083a22e66c%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r91722ecfba688b0c565675f8bf380269fde8ec62b54d6161db544c22%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r94c7e86e546120f157264ba5ba61fd29b3a8d530ed325a9b4fa334d7%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r95a297eb5fd1f2d3a2281f15340e2413f952e9d5503296c3adc7201a%40%3Ccommits.tomee.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r98bfe3b90ea9408f12c4b447edcb5638703d80bc782430aa0c210a54%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra1157e57a01d25e36b0dc17959ace758fc21ba36746de29ba1d8b130%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra409f798a1e5a6652b7097429b388650ccd65fd958cee0b6f69bba00%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra95faf968f3463acb3f31a6fbec31453fc5045325f99f396961886d3%40%3Cissues.flink.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/raf13235de6df1d47a717199e1ecd700dff3236632f5c9a1488d9845b%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb674520b9f6c808c1bf263b1369e14048ec3243615f35cfd24e33604%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc15e90bbef196a5c6c01659e015249d6c9a73581ca9afb8aeecf00d2%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc82ff47853289e9cd17f5cfbb053c04cafc75ee32e3d7223963f83bb%40%3Cdev.knox.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc88f2fa2b7bd6443921727aeee7704a1fb02433e722e2abf677e0d3d%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc959cdb57c4fe198316130ff4a5ecbf9d680e356032ff2e9f4f05d54%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd317f15a675d114dbf5b488d27eeb2467b4424356b16116eb18a652d%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd57c7582adc90e233f23f3727db3df9115b27a823b92374f11453f34%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd6f6bf848c2d47fa4a85c27d011d948778b8f7e58ba495968435a0b3%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdca8711bb7aa5d47a44682606cd0ea3497e2e922f22b7ee83e81e6c1%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdf9a34726482222c90d50ae1b9847881de67dde8cfde4999633d2cdc%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re16f81d3ad49a93dd2f0cba9f8fc88e5fb89f30bf9a2ad7b6f3e69c1%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re96dc7a13e13e56190a5d80f9e5440a0d0c83aeec6467b562fbf2dca%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf1809a1374041a969d77afab21fc38925de066bc97e86157d3ac3402%40%3Ccommits.karaf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6X2UT4X6M7DLQYBOOHMXBWGYJ65RL2CT/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210108-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
RHSA-2020:4401
Vulnerability from csaf_redhat - Published: 2020-10-28 21:11 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.
Security Fix(es):
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4401",
"url": "https://access.redhat.com/errata/RHSA-2020:4401"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4401.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:32+00:00",
"generator": {
"date": "2026-05-14T22:30:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:4401",
"initial_release_date": "2020-10-28T21:11:53+00:00",
"revision_history": [
{
"date": "2020-10-28T21:11:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-28T21:11:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product": {
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-28T21:11:53+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nFor details about how to apply this update, see:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4401"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00002.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:4402
Vulnerability from csaf_redhat - Published: 2020-10-28 21:06 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3.
Security Fix(es):
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4402",
"url": "https://access.redhat.com/errata/RHSA-2020:4402"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4402.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:32+00:00",
"generator": {
"date": "2026-05-14T22:30:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:4402",
"initial_release_date": "2020-10-28T21:06:51+00:00",
"revision_history": [
{
"date": "2020-10-28T21:06:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-28T21:06:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-28T21:06:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4402"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:5340
Vulnerability from csaf_redhat - Published: 2020-12-03 19:16 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)
* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)
* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\n* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)\n\n* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5340",
"url": "https://access.redhat.com/errata/RHSA-2020:5340"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "JBEAP-20029",
"url": "https://issues.redhat.com/browse/JBEAP-20029"
},
{
"category": "external",
"summary": "JBEAP-20089",
"url": "https://issues.redhat.com/browse/JBEAP-20089"
},
{
"category": "external",
"summary": "JBEAP-20119",
"url": "https://issues.redhat.com/browse/JBEAP-20119"
},
{
"category": "external",
"summary": "JBEAP-20161",
"url": "https://issues.redhat.com/browse/JBEAP-20161"
},
{
"category": "external",
"summary": "JBEAP-20221",
"url": "https://issues.redhat.com/browse/JBEAP-20221"
},
{
"category": "external",
"summary": "JBEAP-20239",
"url": "https://issues.redhat.com/browse/JBEAP-20239"
},
{
"category": "external",
"summary": "JBEAP-20246",
"url": "https://issues.redhat.com/browse/JBEAP-20246"
},
{
"category": "external",
"summary": "JBEAP-20285",
"url": "https://issues.redhat.com/browse/JBEAP-20285"
},
{
"category": "external",
"summary": "JBEAP-20300",
"url": "https://issues.redhat.com/browse/JBEAP-20300"
},
{
"category": "external",
"summary": "JBEAP-20325",
"url": "https://issues.redhat.com/browse/JBEAP-20325"
},
{
"category": "external",
"summary": "JBEAP-20364",
"url": "https://issues.redhat.com/browse/JBEAP-20364"
},
{
"category": "external",
"summary": "JBEAP-20368",
"url": "https://issues.redhat.com/browse/JBEAP-20368"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5340.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:20+00:00",
"generator": {
"date": "2026-05-14T22:30:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:5340",
"initial_release_date": "2020-12-03T19:16:26+00:00",
"revision_history": [
{
"date": "2020-12-03T19:16:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-03T19:16:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.32-1.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.3-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-6.redhat_00016.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.10-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.10-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-java@1.0.12-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"product_id": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-msg-simple@1.1.0-1.redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"product_id": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-btf@1.2.0-1.redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-3.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.10.4-3.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-3.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-coreutils@1.6.0-1.redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.4-3.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.4-3.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.4-3.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.11-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.32-1.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.19-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.9-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.11-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.21-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.3-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-6.redhat_00016.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.10-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"product": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"product_id": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-msg-simple@1.1.0-1.redhat_00007.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"product": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"product_id": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-btf@1.2.0-1.redhat_00007.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-3.Final_redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"product_id": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-3.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"product": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"product_id": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-coreutils@1.6.0-1.redhat_00006.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.4-3.GA_redhat_00003.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src"
},
"product_reference": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src"
},
"product_reference": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src"
},
"product_reference": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25638",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2020-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1881353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Process Automation Manager and Red Hat Decision Manager, the kie-server-ee7 zip is primarily for Weblogic/Websphere which is decided to stay on hibernate 5.1.x, it\u0027s not possible to make an upgrade to 5.3.x due to technical reasons. For this reason this fix is included only for kie-server-ee7. For this reason there are two components for RHPAM and RHDM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25638"
},
{
"category": "external",
"summary": "RHBZ#1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638"
}
],
"release_date": "2020-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:16:26+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5340"
},
{
"category": "workaround",
"details": "Set hibernate.use_sql_comments to false, which is the default value, or use named parameters instead of literals. Please refer to details in https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#configurations-logging and https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#sql-query-parameters.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used"
},
{
"cve": "CVE-2020-25644",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1885485"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25644"
},
{
"category": "external",
"summary": "RHBZ#1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:16:26+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5340"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:16:26+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5340"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:5341
Vulnerability from csaf_redhat - Published: 2020-12-03 19:18 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)
* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)
* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\n* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)\n\n* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5341",
"url": "https://access.redhat.com/errata/RHSA-2020:5341"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "JBEAP-20029",
"url": "https://issues.redhat.com/browse/JBEAP-20029"
},
{
"category": "external",
"summary": "JBEAP-20089",
"url": "https://issues.redhat.com/browse/JBEAP-20089"
},
{
"category": "external",
"summary": "JBEAP-20119",
"url": "https://issues.redhat.com/browse/JBEAP-20119"
},
{
"category": "external",
"summary": "JBEAP-20161",
"url": "https://issues.redhat.com/browse/JBEAP-20161"
},
{
"category": "external",
"summary": "JBEAP-20222",
"url": "https://issues.redhat.com/browse/JBEAP-20222"
},
{
"category": "external",
"summary": "JBEAP-20239",
"url": "https://issues.redhat.com/browse/JBEAP-20239"
},
{
"category": "external",
"summary": "JBEAP-20246",
"url": "https://issues.redhat.com/browse/JBEAP-20246"
},
{
"category": "external",
"summary": "JBEAP-20285",
"url": "https://issues.redhat.com/browse/JBEAP-20285"
},
{
"category": "external",
"summary": "JBEAP-20300",
"url": "https://issues.redhat.com/browse/JBEAP-20300"
},
{
"category": "external",
"summary": "JBEAP-20325",
"url": "https://issues.redhat.com/browse/JBEAP-20325"
},
{
"category": "external",
"summary": "JBEAP-20364",
"url": "https://issues.redhat.com/browse/JBEAP-20364"
},
{
"category": "external",
"summary": "JBEAP-20368",
"url": "https://issues.redhat.com/browse/JBEAP-20368"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5341.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:20+00:00",
"generator": {
"date": "2026-05-14T22:30:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:5341",
"initial_release_date": "2020-12-03T19:18:18+00:00",
"revision_history": [
{
"date": "2020-12-03T19:18:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-03T19:18:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.32-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.3-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-6.redhat_00016.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-java@1.0.12-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"product_id": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-msg-simple@1.1.0-1.redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"product_id": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-btf@1.2.0-1.redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-3.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.10.4-3.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-3.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-coreutils@1.6.0-1.redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.4-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.4-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.4-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.4-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.4-3.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.32-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.19-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.9-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.21-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.3-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-6.redhat_00016.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"product": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"product_id": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-msg-simple@1.1.0-1.redhat_00007.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"product": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"product_id": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-btf@1.2.0-1.redhat_00007.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-3.Final_redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-3.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"product": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"product_id": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-coreutils@1.6.0-1.redhat_00006.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.4-3.GA_redhat_00003.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src"
},
"product_reference": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src"
},
"product_reference": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src"
},
"product_reference": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25638",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2020-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1881353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Process Automation Manager and Red Hat Decision Manager, the kie-server-ee7 zip is primarily for Weblogic/Websphere which is decided to stay on hibernate 5.1.x, it\u0027s not possible to make an upgrade to 5.3.x due to technical reasons. For this reason this fix is included only for kie-server-ee7. For this reason there are two components for RHPAM and RHDM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25638"
},
{
"category": "external",
"summary": "RHBZ#1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638"
}
],
"release_date": "2020-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:18:18+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5341"
},
{
"category": "workaround",
"details": "Set hibernate.use_sql_comments to false, which is the default value, or use named parameters instead of literals. Please refer to details in https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#configurations-logging and https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#sql-query-parameters.",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used"
},
{
"cve": "CVE-2020-25644",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1885485"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25644"
},
{
"category": "external",
"summary": "RHBZ#1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:18:18+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5341"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:18:18+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5341"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:5342
Vulnerability from csaf_redhat - Published: 2020-12-03 19:18 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)
* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)
* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
86 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\n* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)\n\n* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5342",
"url": "https://access.redhat.com/errata/RHSA-2020:5342"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "JBEAP-20029",
"url": "https://issues.redhat.com/browse/JBEAP-20029"
},
{
"category": "external",
"summary": "JBEAP-20089",
"url": "https://issues.redhat.com/browse/JBEAP-20089"
},
{
"category": "external",
"summary": "JBEAP-20119",
"url": "https://issues.redhat.com/browse/JBEAP-20119"
},
{
"category": "external",
"summary": "JBEAP-20161",
"url": "https://issues.redhat.com/browse/JBEAP-20161"
},
{
"category": "external",
"summary": "JBEAP-20223",
"url": "https://issues.redhat.com/browse/JBEAP-20223"
},
{
"category": "external",
"summary": "JBEAP-20239",
"url": "https://issues.redhat.com/browse/JBEAP-20239"
},
{
"category": "external",
"summary": "JBEAP-20246",
"url": "https://issues.redhat.com/browse/JBEAP-20246"
},
{
"category": "external",
"summary": "JBEAP-20285",
"url": "https://issues.redhat.com/browse/JBEAP-20285"
},
{
"category": "external",
"summary": "JBEAP-20300",
"url": "https://issues.redhat.com/browse/JBEAP-20300"
},
{
"category": "external",
"summary": "JBEAP-20325",
"url": "https://issues.redhat.com/browse/JBEAP-20325"
},
{
"category": "external",
"summary": "JBEAP-20364",
"url": "https://issues.redhat.com/browse/JBEAP-20364"
},
{
"category": "external",
"summary": "JBEAP-20368",
"url": "https://issues.redhat.com/browse/JBEAP-20368"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5342.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:21+00:00",
"generator": {
"date": "2026-05-14T22:30:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:5342",
"initial_release_date": "2020-12-03T19:18:34+00:00",
"revision_history": [
{
"date": "2020-12-03T19:18:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-03T19:18:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product": {
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.32-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.3-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-6.redhat_00016.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl-java@1.0.12-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"product_id": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-msg-simple@1.1.0-1.redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"product_id": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-btf@1.2.0-1.redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-3.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.10.4-3.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-3.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"product_id": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-coreutils@1.6.0-1.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.4-3.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.4-3.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.4-3.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.32-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.19-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.9-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.21-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jasypt@1.9.3-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-6.redhat_00016.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-openssl@1.0.12-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"product": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"product_id": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-msg-simple@1.1.0-1.redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"product": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"product_id": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-fge-btf@1.2.0-1.redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-3.Final_redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"product_id": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-3.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"product": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"product_id": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-coreutils@1.6.0-1.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.4-3.GA_redhat_00003.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src"
},
"product_reference": "eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src"
},
"product_reference": "eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src"
},
"product_reference": "eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25638",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2020-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1881353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Process Automation Manager and Red Hat Decision Manager, the kie-server-ee7 zip is primarily for Weblogic/Websphere which is decided to stay on hibernate 5.1.x, it\u0027s not possible to make an upgrade to 5.3.x due to technical reasons. For this reason this fix is included only for kie-server-ee7. For this reason there are two components for RHPAM and RHDM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25638"
},
{
"category": "external",
"summary": "RHBZ#1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638"
}
],
"release_date": "2020-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:18:34+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5342"
},
{
"category": "workaround",
"details": "Set hibernate.use_sql_comments to false, which is the default value, or use named parameters instead of literals. Please refer to details in https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#configurations-logging and https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#sql-query-parameters.",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used"
},
{
"cve": "CVE-2020-25644",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1885485"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25644"
},
{
"category": "external",
"summary": "RHBZ#1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:18:34+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5342"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:18:34+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5342"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-6.redhat_00016.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-6.redhat_00016.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-btf-0:1.2.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-fge-msg-simple-0:1.1.0-1.redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-coreutils-0:1.6.0-1.redhat_00006.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-3.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jasypt-0:1.9.3-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-0:2.0.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-marshalling-river-0:2.0.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-remoting-0:5.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-3.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-3.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.32-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.4-3.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.4-3.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-openssl-java-0:1.0.12-1.Final_redhat_00001.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:5344
Vulnerability from csaf_redhat - Published: 2020-12-03 19:13 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)
* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)
* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat JBoss Enterprise Application Platform 7
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (CVE-2020-25649)\n\n* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)\n\n* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5344",
"url": "https://access.redhat.com/errata/RHSA-2020:5344"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "JBEAP-20029",
"url": "https://issues.redhat.com/browse/JBEAP-20029"
},
{
"category": "external",
"summary": "JBEAP-20089",
"url": "https://issues.redhat.com/browse/JBEAP-20089"
},
{
"category": "external",
"summary": "JBEAP-20119",
"url": "https://issues.redhat.com/browse/JBEAP-20119"
},
{
"category": "external",
"summary": "JBEAP-20161",
"url": "https://issues.redhat.com/browse/JBEAP-20161"
},
{
"category": "external",
"summary": "JBEAP-20239",
"url": "https://issues.redhat.com/browse/JBEAP-20239"
},
{
"category": "external",
"summary": "JBEAP-20246",
"url": "https://issues.redhat.com/browse/JBEAP-20246"
},
{
"category": "external",
"summary": "JBEAP-20285",
"url": "https://issues.redhat.com/browse/JBEAP-20285"
},
{
"category": "external",
"summary": "JBEAP-20300",
"url": "https://issues.redhat.com/browse/JBEAP-20300"
},
{
"category": "external",
"summary": "JBEAP-20325",
"url": "https://issues.redhat.com/browse/JBEAP-20325"
},
{
"category": "external",
"summary": "JBEAP-20364",
"url": "https://issues.redhat.com/browse/JBEAP-20364"
},
{
"category": "external",
"summary": "JBEAP-20368",
"url": "https://issues.redhat.com/browse/JBEAP-20368"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5344.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.4 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:21+00:00",
"generator": {
"date": "2026-05-14T22:30:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:5344",
"initial_release_date": "2020-12-03T19:13:10+00:00",
"revision_history": [
{
"date": "2020-12-03T19:13:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-03T19:13:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25638",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2020-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1881353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Process Automation Manager and Red Hat Decision Manager, the kie-server-ee7 zip is primarily for Weblogic/Websphere which is decided to stay on hibernate 5.1.x, it\u0027s not possible to make an upgrade to 5.3.x due to technical reasons. For this reason this fix is included only for kie-server-ee7. For this reason there are two components for RHPAM and RHDM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25638"
},
{
"category": "external",
"summary": "RHBZ#1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638"
}
],
"release_date": "2020-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:13:10+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5344"
},
{
"category": "workaround",
"details": "Set hibernate.use_sql_comments to false, which is the default value, or use named parameters instead of literals. Please refer to details in https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#configurations-logging and https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#sql-query-parameters.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used"
},
{
"cve": "CVE-2020-25644",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1885485"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25644"
},
{
"category": "external",
"summary": "RHBZ#1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:13:10+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5344"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-03T19:13:10+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5344"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:5361
Vulnerability from csaf_redhat - Published: 2020-12-16 07:20 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat build of Thorntail 2.7.2 security and bug fix update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Thorntail.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Thorntail 2.7.2 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.
Security Fix(es):
* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)
* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)
* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)
* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used
(CVE-2020-25638)
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)
For more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.
5.7 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHOAR
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHOAR
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHOAR
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHOAR
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHOAR
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
31 references
Acknowledgments
Red Hat
Darran Lofthouse
Red Hat
Masafumi Miura
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Thorntail.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Thorntail 2.7.2 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299)\n\n* xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340)\n\n* wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338)\n\n* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used \n(CVE-2020-25638)\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5361",
"url": "https://access.redhat.com/errata/RHSA-2020:5361"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.thorntail\u0026version=2.7.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.thorntail\u0026version=2.7.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/"
},
{
"category": "external",
"summary": "1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5361.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Thorntail 2.7.2 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-14T22:30:21+00:00",
"generator": {
"date": "2026-05-14T22:30:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:5361",
"initial_release_date": "2020-12-16T07:20:21+00:00",
"revision_history": [
{
"date": "2020-12-16T07:20:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-16T07:20:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Text-Only RHOAR",
"product": {
"name": "Text-Only RHOAR",
"product_id": "Text-Only RHOAR",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Darran Lofthouse"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14299",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2020-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848533"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14299"
},
{
"category": "external",
"summary": "RHBZ#1848533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14299",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14299"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14299"
}
],
"release_date": "2020-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T07:20:21+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5361"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketbox: JBoss EAP reload to admin-only mode allows authentication bypass"
},
{
"cve": "CVE-2020-14338",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the \"use-grammar-pool-only\" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14338"
},
{
"category": "external",
"summary": "RHBZ#1860054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14338",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14338"
}
],
"release_date": "2020-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T07:20:21+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5361"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl"
},
{
"acknowledgments": [
{
"names": [
"Masafumi Miura"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14340",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860218"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in xnio. A file descriptor leak caused by growing amounts of NIO Selector file, handled between garbage collection cycles, may allow the attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14340"
},
{
"category": "external",
"summary": "RHBZ#1860218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860218"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14340",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14340"
}
],
"release_date": "2020-07-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T07:20:21+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5361"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS"
},
{
"cve": "CVE-2020-25638",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2020-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1881353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Process Automation Manager and Red Hat Decision Manager, the kie-server-ee7 zip is primarily for Weblogic/Websphere which is decided to stay on hibernate 5.1.x, it\u0027s not possible to make an upgrade to 5.3.x due to technical reasons. For this reason this fix is included only for kie-server-ee7. For this reason there are two components for RHPAM and RHDM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25638"
},
{
"category": "external",
"summary": "RHBZ#1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638"
}
],
"release_date": "2020-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T07:20:21+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5361"
},
{
"category": "workaround",
"details": "Set hibernate.use_sql_comments to false, which is the default value, or use named parameters instead of literals. Please refer to details in https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#configurations-logging and https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#sql-query-parameters.",
"product_ids": [
"Text-Only RHOAR"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T07:20:21+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5361"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"Text-Only RHOAR"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:5410
Vulnerability from csaf_redhat - Published: 2020-12-14 17:52 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat Data Grid 7.3.8 security update
Severity
Important
Notes
Topic: An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.
This release of Red Hat Data Grid 7.3.8 serves as a replacement for Red Hat Data Grid 7.3.7 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.
Security Fix(es):
* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 7.3.8
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:7.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 7.3.8
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:7.3
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.\n\nThis release of Red Hat Data Grid 7.3.8 serves as a replacement for Red Hat Data Grid 7.3.7 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.\n\nSecurity Fix(es):\n\n* wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL (CVE-2020-25644)\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5410",
"url": "https://access.redhat.com/errata/RHSA-2020:5410"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/"
},
{
"category": "external",
"summary": "1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5410.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 7.3.8 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:43+00:00",
"generator": {
"date": "2026-05-14T22:30:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:5410",
"initial_release_date": "2020-12-14T17:52:08+00:00",
"revision_history": [
{
"date": "2020-12-14T17:52:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-14T17:52:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid 7.3.8",
"product": {
"name": "Red Hat Data Grid 7.3.8",
"product_id": "Red Hat Data Grid 7.3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25644",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1885485"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. This flaw allows an attacker to cause an Out of memory (OOM) issue, leading to a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 7.3.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25644"
},
{
"category": "external",
"summary": "RHBZ#1885485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885485"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25644"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25644"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-14T17:52:08+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.8 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.8 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 7.3.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5410"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat Data Grid 7.3.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 7.3.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 7.3.8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-14T17:52:08+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.8 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.8 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid 7.3.8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5410"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"Red Hat Data Grid 7.3.8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 7.3.8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
RHSA-2020:5533
Vulnerability from csaf_redhat - Published: 2020-12-15 17:14 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.4.4 security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.4 serves as a replacement for Red Hat Single Sign-On 7.4.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* redhat-sso-7-openshift-containers: /etc/passwd is given incorrect privileges (CVE-2020-10695)
* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)
* keycloak: Account REST API can update user metadata attributes (CVE-2020-27826)
* keycloak-nodejs-connect: nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges.
7.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHSSO
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Elliptic for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.
7.7 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHSSO
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHSSO
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHSSO
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application.
4.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Text-Only RHSSO
Red Hat / Red Hat Single Sign-On
|
cpe:/a:redhat:red_hat_single_sign_on
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
31 references
Acknowledgments
SPR Inc.
Joseph LaMagna-Reiter
Red Hat
Marek Posolda
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.4 serves as a replacement for Red Hat Single Sign-On 7.4.3, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* redhat-sso-7-openshift-containers: /etc/passwd is given incorrect privileges (CVE-2020-10695)\n* hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used (CVE-2020-25638)\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n* keycloak: Account REST API can update user metadata attributes (CVE-2020-27826)\n* keycloak-nodejs-connect: nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5533",
"url": "https://access.redhat.com/errata/RHSA-2020:5533"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1817530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817530"
},
{
"category": "external",
"summary": "1848647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647"
},
{
"category": "external",
"summary": "1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "1905089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905089"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5533.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.4.4 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:21+00:00",
"generator": {
"date": "2026-05-14T22:30:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2020:5533",
"initial_release_date": "2020-12-15T17:14:01+00:00",
"revision_history": [
{
"date": "2020-12-15T17:14:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-15T17:14:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Text-Only RHSSO",
"product": {
"name": "Text-Only RHSSO",
"product_id": "Text-Only RHSSO",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Joseph LaMagna-Reiter"
],
"organization": "SPR Inc."
}
],
"cve": "CVE-2020-10695",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2020-03-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1817530"
}
],
"notes": [
{
"category": "description",
"text": "An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containers/redhat-sso-7: /etc/passwd is given incorrect privileges",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHSSO"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10695"
},
{
"category": "external",
"summary": "RHBZ#1817530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817530"
},
{
"category": "external",
"summary": "RHSB-4859371",
"url": "https://access.redhat.com/articles/4859371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10695"
}
],
"release_date": "2020-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T17:14:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Text-Only RHSSO"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHSSO"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containers/redhat-sso-7: /etc/passwd is given incorrect privileges"
},
{
"cve": "CVE-2020-13822",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848647"
}
],
"notes": [
{
"category": "description",
"text": "The Elliptic for Node.js allows ECDSA signature malleability via variations in encoding, leading \u0027\\0\u0027 bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In both OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM), the grafana and prometheus containers don\u0027t use the vulnerable elliptic library for authentication (OpenShift OAuth is used) or traffic communications (OpenShift route is used). Therefore the impact for OCP and OSSM is Low.\n\nRed Hat Quay includes nodejs-elliptic as a dependency of webpack. That dependency is only used at development time, not runtime. Therefore this vulnerability is rated low for Red Hat Quay.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHSSO"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13822"
},
{
"category": "external",
"summary": "RHBZ#1848647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13822"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484",
"url": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484"
}
],
"release_date": "2020-06-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T17:14:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Text-Only RHSSO"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Text-Only RHSSO"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures"
},
{
"cve": "CVE-2020-25638",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2020-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1881353"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Process Automation Manager and Red Hat Decision Manager, the kie-server-ee7 zip is primarily for Weblogic/Websphere which is decided to stay on hibernate 5.1.x, it\u0027s not possible to make an upgrade to 5.3.x due to technical reasons. For this reason this fix is included only for kie-server-ee7. For this reason there are two components for RHPAM and RHDM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHSSO"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25638"
},
{
"category": "external",
"summary": "RHBZ#1881353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25638"
}
],
"release_date": "2020-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T17:14:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Text-Only RHSSO"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5533"
},
{
"category": "workaround",
"details": "Set hibernate.use_sql_comments to false, which is the default value, or use named parameters instead of literals. Please refer to details in https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#configurations-logging and https://docs.jboss.org/hibernate/orm/5.4/userguide/html_single/Hibernate_User_Guide.html#sql-query-parameters.",
"product_ids": [
"Text-Only RHSSO"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHSSO"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used"
},
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHSSO"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T17:14:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Text-Only RHSSO"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5533"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"Text-Only RHSSO"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHSSO"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
},
{
"acknowledgments": [
{
"names": [
"Marek Posolda"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-27826",
"cwe": {
"id": "CWE-250",
"name": "Execution with Unnecessary Privileges"
},
"discovery_date": "2020-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user\u0027s metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Account REST API can update user metadata attributes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHSSO"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27826"
},
{
"category": "external",
"summary": "RHBZ#1905089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27826",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27826"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27826",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27826"
}
],
"release_date": "2020-12-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-15T17:14:01+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Text-Only RHSSO"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5533"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHSSO"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Account REST API can update user metadata attributes"
}
]
}
RHSA-2021:0381
Vulnerability from csaf_redhat - Published: 2021-02-02 13:57 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: RHV-M(ovirt-engine) 4.4.z security, bug fix, enhancement update [ovirt-4.4.4]
Severity
Low
Notes
Topic: Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer (REST) Application Programming Interface (API).
Security Fix(es):
* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Red Hat Virtualization Manager now requires Ansible 2.9.15. (BZ#1901946)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
7.5 (High)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:rhvm-0:4.4.4.5-0.10.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.src | — |
Workaround
|
Threats
Impact
Low
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nThe Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer (REST) Application Programming Interface (API).\n\nSecurity Fix(es):\n\n* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Red Hat Virtualization Manager now requires Ansible 2.9.15. (BZ#1901946)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0381",
"url": "https://access.redhat.com/errata/RHSA-2021:0381"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "1627997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1627997"
},
{
"category": "external",
"summary": "1702237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702237"
},
{
"category": "external",
"summary": "1796231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796231"
},
{
"category": "external",
"summary": "1868114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868114"
},
{
"category": "external",
"summary": "1875951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875951"
},
{
"category": "external",
"summary": "1879655",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879655"
},
{
"category": "external",
"summary": "1880015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880015"
},
{
"category": "external",
"summary": "1881115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881115"
},
{
"category": "external",
"summary": "1881357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881357"
},
{
"category": "external",
"summary": "1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "1893035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893035"
},
{
"category": "external",
"summary": "1894298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894298"
},
{
"category": "external",
"summary": "1901946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901946"
},
{
"category": "external",
"summary": "1903385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903385"
},
{
"category": "external",
"summary": "1903595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903595"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0381.json"
}
],
"title": "Red Hat Security Advisory: RHV-M(ovirt-engine) 4.4.z security, bug fix, enhancement update [ovirt-4.4.4]",
"tracking": {
"current_release_date": "2026-05-14T22:30:34+00:00",
"generator": {
"date": "2026-05-14T22:30:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0381",
"initial_release_date": "2021-02-02T13:57:58+00:00",
"revision_history": [
{
"date": "2021-02-02T13:57:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-02-02T13:57:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product": {
"name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.4:el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"product": {
"name": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"product_id": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.6.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.4.4.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.4.4.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"product": {
"name": "ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"product_id": "ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.4.4.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"product": {
"name": "rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"product_id": "rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.7-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"product": {
"name": "ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"product_id": "ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.6-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"product_id": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.6-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-backend@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"product": {
"name": "rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"product_id": "rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm@4.4.4.5-0.10.el8ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src",
"product": {
"name": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src",
"product_id": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.6.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"product": {
"name": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"product_id": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.4.4.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhvm-branding-rhv-0:4.4.7-1.el8ev.src",
"product": {
"name": "rhvm-branding-rhv-0:4.4.7-1.el8ev.src",
"product_id": "rhvm-branding-rhv-0:4.4.7-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.7-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-web-ui-0:1.6.6-1.el8ev.src",
"product": {
"name": "ovirt-web-ui-0:1.6.6-1.el8ev.src",
"product_id": "ovirt-web-ui-0:1.6.6-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-web-ui@1.6.6-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"product": {
"name": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"product_id": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.6-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"product": {
"name": "ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"product_id": "ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine@4.4.4.5-0.10.el8ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-0:4.4.4.5-0.10.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.src"
},
"product_reference": "ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src"
},
"product_reference": "ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch"
},
"product_reference": "ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.6.6-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.noarch"
},
"product_reference": "ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-web-ui-0:1.6.6-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.src"
},
"product_reference": "ovirt-web-ui-0:1.6.6-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src"
},
"product_reference": "rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-0:4.4.4.5-0.10.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-0:4.4.4.5-0.10.el8ev.noarch"
},
"product_reference": "rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch"
},
"product_reference": "rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhvm-branding-rhv-0:4.4.7-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.src"
},
"product_reference": "rhvm-branding-rhv-0:4.4.7-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch"
},
"product_reference": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-RHV-S-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4",
"product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src"
},
"product_reference": "vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src",
"relates_to_product_reference": "8Base-RHV-S-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25649",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2020-08-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1887664"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Enterprise Linux 8 ships a vulnerable version of jackson-databind in the pki-deps:10.6 module. pki-deps:10.6 is for pki-core dependencies, but pki-core does not use the vulnerable DOMDeserializer class and thus has been set to low impact. Future updates may include fixed version of jackson-databind.\n\n* Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind code. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\n* Red Hat Virtualization ships a vulnerable version of jackson-databind, however the vulnerable DOMDeserializer class is not used in the code, therefore reducing impact to low.\n\n* Red Hat OpenShift Container Platform (OCP) ships a vulnerable version of jackson-databind, but in the affected containers the DOMDeserializer class is not used. Additionally access to the containers is restricted to authenticated users only (OpenShift OAuth authentication) reducing the severity of this vulnerability to Low.\nIn OCP 4 there are no plans to maintain ose-logging-elasticsearch5 container, hence marked as wontfix.\n\n* Red Hat Satellite ships affected version of jackson-databind through Candlepin, however, product code does not use DOMDeserializer class and jackson-databind in a vulnerable way. Thus impact has been set to low. A future release may update jackson-databind to a fixed version.\n\n* Red Hat Single Sign-On (RH-SSO) ships affected version of jackson-databind, however, none of the product code is using the affected class (DOMDeserializer). Thus impact has been set to low. RH-SSO will consume the fixed artifact from EAP in the next CP.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src"
],
"known_not_affected": [
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25649"
},
{
"category": "external",
"summary": "RHBZ#1887664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887664"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25649"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2589",
"url": "https://github.com/FasterXML/jackson-databind/issues/2589"
}
],
"release_date": "2020-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-02T13:57:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0381"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this flaw.",
"product_ids": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-0:4.4.4.5-0.10.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-backend-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.4.4.2-1.el8ev.src",
"8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.4.4.2-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:ovirt-web-ui-0:1.6.6-1.el8ev.src",
"8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.6-1.el8ev.src",
"8Base-RHV-S-4.4:rhvm-0:4.4.4.5-0.10.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.noarch",
"8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.7-1.el8ev.src",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.noarch",
"8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.6.0-1.el8ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…