Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-8908 (GCVE-0-2020-8908)
Vulnerability from cvelistv5 – Published: 2020-12-10 22:10 – Updated: 2024-08-04 10:12
VLAI
EPSS
Title
Temp directory permission issue in Guava
Summary
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
Severity
CWE
- CWE-378 - Creation of Temporary File With Insecure Permissions
Assigner
References
43 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Google LLC | Guava |
Affected:
1.0 , < 32.0
(custom)
|
Credits
Jonathan Leitschuh
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:12:10.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz edited a comment on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] cgivre commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210619 [GitHub] [drill] luocooong commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Updated] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi opened a new pull request #3561: Yarn 10980",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hive-dev] 20211018 [jira] [Created] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi edited a comment on pull request #3561: YARN-10980:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Updated] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Work logged] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Comment Edited] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hive-gitbox] 20211018 [GitHub] [hive] lujiefsi opened a new pull request #2725: HIVE-25617:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Commented] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Created] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "[pig-dev] 20211021 [GitHub] [pig] lujiefsi opened a new pull request #36: PIG-5417:Replace guava\u0027s Files.createTempDir()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Guava",
"vendor": "Google LLC",
"versions": [
{
"lessThan": "32.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jonathan Leitschuh"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\u003c/p\u003e"
}
],
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-378",
"description": "CWE-378: Creation of Temporary File With Insecure Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-06T09:48:41.702Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz edited a comment on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] cgivre commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210619 [GitHub] [drill] luocooong commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Updated] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi opened a new pull request #3561: Yarn 10980",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hive-dev] 20211018 [jira] [Created] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi edited a comment on pull request #3561: YARN-10980:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Updated] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Work logged] (HIVE-25617) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Comment Edited] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hive-gitbox] 20211018 [GitHub] [hive] lujiefsi opened a new pull request #2725: HIVE-25617:fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Commented] (YARN-10980) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Created] (GEODE-9744) fix CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) like CVE-2020-8908",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "[pig-dev] 20211021 [GitHub] [pig] lujiefsi opened a new pull request #36: PIG-5417:Replace guava\u0027s Files.createTempDir()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Temp directory permission issue in Guava",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2020-8908",
"STATE": "PUBLIC",
"TITLE": "Temp directory permission issue in Guava"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Guava",
"version": {
"version_data": [
{
"version_affected": "\u003e",
"version_name": "stable",
"version_value": "9.09.15"
}
]
}
}
]
},
"vendor_name": "Google LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jonathan Leitschuh"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-378: Creation of Temporary File With Insecure Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/guava/issues/4011",
"refsource": "CONFIRM",
"url": "https://github.com/google/guava/issues/4011"
},
{
"name": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40",
"refsource": "CONFIRM",
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch master updated: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E"
},
{
"name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210127 Re: Items for our (delayed) quarterly report to the board?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[db-torque-dev] 20210128 Antwort: Re: Items for our (delayed) quarterly report to the board?",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "[pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[myfaces-dev] 20210506 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #817: build: CVE fix",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E"
},
{
"name": "[arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz edited a comment on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] ssainz commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210618 [GitHub] [drill] cgivre commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20210619 [GitHub] [drill] luocooong commented on issue #2260: CVE-2020-8908 in Guava v.28.2-jre, should upgrade to v.30.1.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Updated] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi opened a new pull request #3561: Yarn 10980",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Created] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-dev] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "[hive-dev] 20211018 [jira] [Created] (HIVE-25617) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E"
},
{
"name": "[hadoop-common-issues] 20211018 [GitHub] [hadoop] lujiefsi edited a comment on pull request #3561: YARN-10980:fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Updated] (HIVE-25617) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hive-issues] 20211018 [jira] [Work logged] (HIVE-25617) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Comment Edited] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Resolved] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[hive-gitbox] 20211018 [GitHub] [hive] lujiefsi opened a new pull request #2725: HIVE-25617:fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E"
},
{
"name": "[hadoop-yarn-issues] 20211018 [jira] [Commented] (YARN-10980) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Created] (GEODE-9744) fix CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug like CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) bug CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E"
},
{
"name": "[geode-issues] 20211018 [jira] [Updated] (GEODE-9744) like CVE-2020-8908",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "[pig-dev] 20211021 [GitHub] [pig] lujiefsi opened a new pull request #36: PIG-5417:Replace guava\u0027s Files.createTempDir()",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2020-8908",
"datePublished": "2020-12-10T22:10:58.000Z",
"dateReserved": "2020-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:12:10.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-8908",
"date": "2026-05-29",
"epss": "0.00072",
"percentile": "0.22079"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-8908\",\"sourceIdentifier\":\"cve-coordination@google.com\",\"published\":\"2020-12-10T23:15:13.973\",\"lastModified\":\"2026-02-23T21:17:30.437\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad en la creaci\u00f3n de directorios temporales en todas las versiones de Guava, que permite a un atacante con acceso a la m\u00e1quina acceder potencialmente a los datos de un directorio temporal creado por la API de Guava com.google.common.io.Files.createTempDir(). Por defecto, en los sistemas de tipo unix, el directorio creado es legible por el mundo (legible por un atacante con acceso al sistema). El m\u00e9todo en cuesti\u00f3n ha sido marcado como @Deprecated en las versiones 30.0 y posteriores y no debe ser utilizado. Para los desarrolladores de Android, recomendamos elegir una API de directorio temporal proporcionada por Android, como context.getCacheDir(). Para otros desarrolladores de Java, recomendamos migrar a la API de Java 7 java.nio.file.Files.createTempDirectory() que configura expl\u00edcitamente los permisos de 700, o configurar la propiedad del sistema java.io.tmpdir del tiempo de ejecuci\u00f3n de Java para que apunte a una ubicaci\u00f3n cuyos permisos est\u00e9n configurados adecuadamente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-378\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"32.0.0\",\"matchCriteriaId\":\"F0FA9B26-6D87-4FE1-B719-EC4770B5418D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.11.4\",\"matchCriteriaId\":\"89306BA8-9E5C-49F6-AB32-B78BE1D831F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A3622F5-5976-4BBC-A147-FC8A6431EA79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADE6EF8F-1F05-429B-A916-76FDB20CEB81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A28F42F0-FBDA-4574-AD30-7A04F27FEA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"129CA55C-C770-4D42-BD17-9011F3AC93C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9901F6BA-78D5-45B8-9409-07FF1C6DDD38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FADE563-5AAA-42FF-B43F-35B20A2386C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.3\",\"matchCriteriaId\":\"D04565AE-D092-4AE0-8FEE-0E8114662A1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E416B-920B-49A0-9523-382898C2979D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8AF00C6-B97F-414D-A8DF-057E6BFD8597\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"16.0\",\"versionEndIncluding\":\"19.0\",\"matchCriteriaId\":\"B92BB355-DB00-438E-84E5-8EC007009576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04BCDC24-4A21-473C-8733-0D9CFB38A752\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E463039-5E48-4AA0-A42B-081053FA0111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38340E3C-C452-4370-86D4-355B6B4E0A06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9C55C69-E22E-4B80-9371-5CD821D79FE2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\",\"matchCriteriaId\":\"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"}]}]}],\"references\":[{\"url\":\"https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/google/guava/issues/4011\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220210-0003/\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/google/guava/issues/4011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220210-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
cleanstart-2026-wk99982
Vulnerability from cleanstart
Published
2026-05-18 13:11
Modified
2026-05-14 06:06
Summary
Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-2047, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-36364, CVE-2022-41881, CVE-2023-20861, CVE-2023-20863, CVE-2023-26048, CVE-2023-26049, CVE-2023-2976, CVE-2023-34462, CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-42503, CVE-2023-44981, CVE-2024-13009, CVE-2024-23454, CVE-2024-23944, CVE-2024-25710, CVE-2024-26308, CVE-2024-29131, CVE-2024-29133, CVE-2024-38808, CVE-2024-38820, CVE-2024-38827, CVE-2024-47554, CVE-2024-47561, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2025-11143, CVE-2025-22233, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-40490, CVE-2026-41417, CVE-2026-42578, CVE-2026-42579, CVE-2026-42583, CVE-2026-42586, CVE-2026-44248, CVE-2026-5588, ghsa-58qw-p7qm-5rvh, ghsa-72hv-8253-57qq, ghsa-mj4r-2hfc-f8p6 applied in versions: 4.0.1-r0, 4.0.1-r1, 4.0.1-r2
Details
Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details.
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "apache-hive"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the apache-hive package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-WK99982",
"modified": "2026-05-14T06:06:15Z",
"published": "2026-05-18T13:11:47.355078Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WK99982.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2018-10237"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8908"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22569"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-22570"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-2047"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-3171"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-3509"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-3510"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-36364"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-41881"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20861"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-20863"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-26048"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-26049"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-2976"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-34462"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-36479"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-40167"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-41900"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-42503"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-44981"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-13009"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23454"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23944"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-25710"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-26308"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-29131"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-29133"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-38808"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-38820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-38827"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-47554"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-47561"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-52046"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-6763"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7254"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-8184"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-11143"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22233"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-24970"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-25193"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-27821"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-41249"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-48734"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-48924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-49128"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-52999"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-53864"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-55163"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58056"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58057"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-59419"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-67735"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68161"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-8916"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24308"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-40490"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42586"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-44248"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-58qw-p7qm-5rvh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22569"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22570"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2047"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3509"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3510"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36364"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26048"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26049"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34462"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36479"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40167"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41900"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42503"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44981"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13009"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23454"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23944"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29131"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38808"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47561"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52046"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6763"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7254"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8184"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11143"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22233"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24970"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25193"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27821"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-41249"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48734"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48924"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49128"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52999"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53864"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55163"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58057"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59419"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67735"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68161"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8916"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24308"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40490"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42586"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44248"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2018-10237, CVE-2020-8908, CVE-2021-22569, CVE-2021-22570, CVE-2022-2047, CVE-2022-3171, CVE-2022-3509, CVE-2022-3510, CVE-2022-36364, CVE-2022-41881, CVE-2023-20861, CVE-2023-20863, CVE-2023-26048, CVE-2023-26049, CVE-2023-2976, CVE-2023-34462, CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-42503, CVE-2023-44981, CVE-2024-13009, CVE-2024-23454, CVE-2024-23944, CVE-2024-25710, CVE-2024-26308, CVE-2024-29131, CVE-2024-29133, CVE-2024-38808, CVE-2024-38820, CVE-2024-38827, CVE-2024-47554, CVE-2024-47561, CVE-2024-52046, CVE-2024-6763, CVE-2024-7254, CVE-2024-8184, CVE-2025-11143, CVE-2025-22233, CVE-2025-24970, CVE-2025-25193, CVE-2025-27821, CVE-2025-41249, CVE-2025-48734, CVE-2025-48924, CVE-2025-49128, CVE-2025-52999, CVE-2025-53864, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, CVE-2025-59419, CVE-2025-67735, CVE-2025-68161, CVE-2025-8916, CVE-2026-24281, CVE-2026-24308, CVE-2026-33870, CVE-2026-33871, CVE-2026-40490, CVE-2026-41417, CVE-2026-42578, CVE-2026-42579, CVE-2026-42583, CVE-2026-42586, CVE-2026-44248, CVE-2026-5588, ghsa-58qw-p7qm-5rvh, ghsa-72hv-8253-57qq, ghsa-mj4r-2hfc-f8p6 applied in versions: 4.0.1-r0, 4.0.1-r1, 4.0.1-r2",
"upstream": [
"CVE-2018-10237",
"CVE-2020-8908",
"CVE-2021-22569",
"CVE-2021-22570",
"CVE-2022-2047",
"CVE-2022-3171",
"CVE-2022-3509",
"CVE-2022-3510",
"CVE-2022-36364",
"CVE-2022-41881",
"CVE-2023-20861",
"CVE-2023-20863",
"CVE-2023-26048",
"CVE-2023-26049",
"CVE-2023-2976",
"CVE-2023-34462",
"CVE-2023-36479",
"CVE-2023-40167",
"CVE-2023-41900",
"CVE-2023-42503",
"CVE-2023-44981",
"CVE-2024-13009",
"CVE-2024-23454",
"CVE-2024-23944",
"CVE-2024-25710",
"CVE-2024-26308",
"CVE-2024-29131",
"CVE-2024-29133",
"CVE-2024-38808",
"CVE-2024-38820",
"CVE-2024-38827",
"CVE-2024-47554",
"CVE-2024-47561",
"CVE-2024-52046",
"CVE-2024-6763",
"CVE-2024-7254",
"CVE-2024-8184",
"CVE-2025-11143",
"CVE-2025-22233",
"CVE-2025-24970",
"CVE-2025-25193",
"CVE-2025-27821",
"CVE-2025-41249",
"CVE-2025-48734",
"CVE-2025-48924",
"CVE-2025-49128",
"CVE-2025-52999",
"CVE-2025-53864",
"CVE-2025-55163",
"CVE-2025-58056",
"CVE-2025-58057",
"CVE-2025-59419",
"CVE-2025-67735",
"CVE-2025-68161",
"CVE-2025-8916",
"CVE-2026-24281",
"CVE-2026-24308",
"CVE-2026-33870",
"CVE-2026-33871",
"CVE-2026-40490",
"CVE-2026-41417",
"CVE-2026-42578",
"CVE-2026-42579",
"CVE-2026-42583",
"CVE-2026-42586",
"CVE-2026-44248",
"CVE-2026-5588",
"ghsa-58qw-p7qm-5rvh",
"ghsa-72hv-8253-57qq",
"ghsa-mj4r-2hfc-f8p6"
]
}
Title
Google Guava访问控制错误漏洞
Description
Google Guava是美国谷歌(Google)公司的一款包括图形库、函数类型、I/O和字符串处理等的Java核心库。
Guava 30.0版本之前存在访问控制错误漏洞,该漏洞源于Guava存在一个临时目录创建漏洞,允许访问机器的攻击者可利用该漏洞潜在地访问由Guava com.google.common.io.Files.createTempDir()创建的临时目录中的数据。攻击者可以利用该漏洞访问特殊目录。
Severity
低
Patch Name
Google Guava访问控制错误漏洞的补丁
Patch Description
Google Guava是美国谷歌(Google)公司的一款包括图形库、函数类型、I/O和字符串处理等的Java核心库。
Guava 30.0版本之前存在访问控制错误漏洞,该漏洞源于Guava存在一个临时目录创建漏洞,允许访问机器的攻击者可利用该漏洞潜在地访问由Guava com.google.common.io.Files.createTempDir()创建的临时目录中的数据。攻击者可以利用该漏洞访问特殊目录。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://github.com/google/guava/issues/4011
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-8908
Impacted products
| Name | Google Google Guava <30.0 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-8908",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
},
"description": "Google Guava\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5305\u62ec\u56fe\u5f62\u5e93\u3001\u51fd\u6570\u7c7b\u578b\u3001I/O\u548c\u5b57\u7b26\u4e32\u5904\u7406\u7b49\u7684Java\u6838\u5fc3\u5e93\u3002\n\nGuava 30.0\u7248\u672c\u4e4b\u524d\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eGuava\u5b58\u5728\u4e00\u4e2a\u4e34\u65f6\u76ee\u5f55\u521b\u5efa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8bbf\u95ee\u673a\u5668\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6f5c\u5728\u5730\u8bbf\u95ee\u7531Guava com.google.common.io.Files.createTempDir()\u521b\u5efa\u7684\u4e34\u65f6\u76ee\u5f55\u4e2d\u7684\u6570\u636e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u7279\u6b8a\u76ee\u5f55\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/google/guava/issues/4011",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-31252",
"openTime": "2021-04-27",
"patchDescription": "Google Guava\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u5305\u62ec\u56fe\u5f62\u5e93\u3001\u51fd\u6570\u7c7b\u578b\u3001I/O\u548c\u5b57\u7b26\u4e32\u5904\u7406\u7b49\u7684Java\u6838\u5fc3\u5e93\u3002\r\n\r\nGuava 30.0\u7248\u672c\u4e4b\u524d\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eGuava\u5b58\u5728\u4e00\u4e2a\u4e34\u65f6\u76ee\u5f55\u521b\u5efa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8bbf\u95ee\u673a\u5668\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6f5c\u5728\u5730\u8bbf\u95ee\u7531Guava com.google.common.io.Files.createTempDir()\u521b\u5efa\u7684\u4e34\u65f6\u76ee\u5f55\u4e2d\u7684\u6570\u636e\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u7279\u6b8a\u76ee\u5f55\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Google Guava\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Google Google Guava \u003c30.0"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"serverity": "\u4f4e",
"submitTime": "2020-12-11",
"title": "Google Guava\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}
FKIE_CVE-2020-8908
Vulnerability from fkie_nvd - Published: 2020-12-10 23:15 - Updated: 2026-02-23 21:17
Severity
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
References
| URL | Tags | ||
|---|---|---|---|
| cve-coordination@google.com | https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40 | Patch, Third Party Advisory | |
| cve-coordination@google.com | https://github.com/google/guava/issues/4011 | Issue Tracking, Patch, Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E | Third Party Advisory | |
| cve-coordination@google.com | https://security.netapp.com/advisory/ntap-20220210-0003/ | Third Party Advisory | |
| cve-coordination@google.com | https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415 | Exploit, Patch, Third Party Advisory | |
| cve-coordination@google.com | https://www.oracle.com//security-alerts/cpujul2021.html | Patch, Third Party Advisory | |
| cve-coordination@google.com | https://www.oracle.com/security-alerts/cpuApr2021.html | Patch, Third Party Advisory | |
| cve-coordination@google.com | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| cve-coordination@google.com | https://www.oracle.com/security-alerts/cpujan2022.html | Third Party Advisory | |
| cve-coordination@google.com | https://www.oracle.com/security-alerts/cpuoct2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/google/guava/issues/4011 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220210-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com//security-alerts/cpujul2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuApr2021.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2022.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuoct2021.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| guava | * | ||
| quarkus | quarkus | * | |
| oracle | commerce_guided_search | 11.3.2 | |
| oracle | communications_cloud_native_core_network_slice_selection_function | 1.2.1 | |
| oracle | communications_pricing_design_center | 12.0.0.4.0 | |
| oracle | communications_pricing_design_center | 12.0.0.5.0 | |
| oracle | data_integrator | 12.2.1.3.0 | |
| oracle | data_integrator | 12.2.1.4.0 | |
| oracle | nosql_database | * | |
| oracle | peoplesoft_enterprise_peopletools | 8.57 | |
| oracle | peoplesoft_enterprise_peopletools | 8.58 | |
| oracle | peoplesoft_enterprise_peopletools | 8.59 | |
| oracle | retail_customer_management_and_segmentation_foundation | * | |
| oracle | weblogic_server | 14.1.1.0.0 | |
| oracle | communications_cloud_native_core_network_repository_function | 1.14.0 | |
| oracle | primavera_unifier | * | |
| oracle | primavera_unifier | 18.8 | |
| oracle | primavera_unifier | 19.12 | |
| oracle | primavera_unifier | 20.12 | |
| oracle | primavera_unifier | 21.12 | |
| netapp | active_iq_unified_manager | - | |
| netapp | active_iq_unified_manager | - | |
| netapp | active_iq_unified_manager | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FA9B26-6D87-4FE1-B719-EC4770B5418D",
"versionEndExcluding": "32.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89306BA8-9E5C-49F6-AB32-B78BE1D831F0",
"versionEndExcluding": "1.11.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3622F5-5976-4BBC-A147-FC8A6431EA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE6EF8F-1F05-429B-A916-76FDB20CEB81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28F42F0-FBDA-4574-AD30-7A04F27FEA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "129CA55C-C770-4D42-BD17-9011F3AC93C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9901F6BA-78D5-45B8-9409-07FF1C6DDD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FADE563-5AAA-42FF-B43F-35B20A2386C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D04565AE-D092-4AE0-8FEE-0E8114662A1B",
"versionEndExcluding": "20.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
"matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
"matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B92BB355-DB00-438E-84E5-8EC007009576",
"versionEndIncluding": "19.0",
"versionStartIncluding": "16.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E463039-5E48-4AA0-A42B-081053FA0111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"matchCriteriaId": "202AD518-2E9B-4062-B063-9858AE1F9CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en la creaci\u00f3n de directorios temporales en todas las versiones de Guava, que permite a un atacante con acceso a la m\u00e1quina acceder potencialmente a los datos de un directorio temporal creado por la API de Guava com.google.common.io.Files.createTempDir(). Por defecto, en los sistemas de tipo unix, el directorio creado es legible por el mundo (legible por un atacante con acceso al sistema). El m\u00e9todo en cuesti\u00f3n ha sido marcado como @Deprecated en las versiones 30.0 y posteriores y no debe ser utilizado. Para los desarrolladores de Android, recomendamos elegir una API de directorio temporal proporcionada por Android, como context.getCacheDir(). Para otros desarrolladores de Java, recomendamos migrar a la API de Java 7 java.nio.file.Files.createTempDirectory() que configura expl\u00edcitamente los permisos de 700, o configurar la propiedad del sistema java.io.tmpdir del tiempo de ejecuci\u00f3n de Java para que apunte a una ubicaci\u00f3n cuyos permisos est\u00e9n configurados adecuadamente"
}
],
"id": "CVE-2020-8908",
"lastModified": "2026-02-23T21:17:30.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "cve-coordination@google.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-10T23:15:13.973",
"references": [
{
"source": "cve-coordination@google.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "cve-coordination@google.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
}
],
"sourceIdentifier": "cve-coordination@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-378"
}
],
"source": "cve-coordination@google.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-5MG8-W23W-74H3
Vulnerability from github – Published: 2021-03-25 17:04 – Updated: 2026-02-23 22:45
VLAI
Summary
Information Disclosure in Guava
Details
A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava com.google.common.io.Files.createTempDir(). The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.
Severity
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.google.guava:guava"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "32.0.0-android"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-8908"
],
"database_specific": {
"cwe_ids": [
"CWE-173",
"CWE-200",
"CWE-378",
"CWE-732"
],
"github_reviewed": true,
"github_reviewed_at": "2021-03-25T17:01:09Z",
"nvd_published_at": "2020-12-10T23:15:00Z",
"severity": "LOW"
},
"details": "A temp directory creation vulnerability exists in Guava prior to version 32.0.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`. The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open. Maintainers recommend explicitly changing the permissions after the creation of the directory, or removing uses of the vulnerable method.",
"id": "GHSA-5mg8-w23w-74h3",
"modified": "2026-02-23T22:45:53Z",
"published": "2021-03-25T17:04:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
},
{
"type": "WEB",
"url": "https://github.com/google/guava/issues/4011"
},
{
"type": "WEB",
"url": "https://github.com/google/guava/issues/4011#issuecomment-1578991974"
},
{
"type": "WEB",
"url": "https://github.com/google/guava/commit/feb83a1c8fd2e7670b244d5afd23cba5aca43284"
},
{
"type": "WEB",
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604@%3Ctorque-dev.db.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95@%3Cgithub.arrow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f@%3Cdev.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97@%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a@%3Ctorque-dev.db.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3@%3Ctorque-dev.db.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322@%3Cgitbox.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220210-0003"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625@%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e@%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85@%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf@%3Cdev.pig.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc@%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748@%3Ccommits.pulsar.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r037fed1d0ebde50c9caf8d99815db3093c344c3f651c5a49a09824ce@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21@%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"type": "PACKAGE",
"url": "https://github.com/google/guava"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba@%3Cissues.maven.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c@%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222@%3Ccommits.ws.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199@%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44@%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac@%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27@%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Information Disclosure in Guava"
}
GSD-2020-8908
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-8908",
"description": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.",
"id": "GSD-2020-8908",
"references": [
"https://www.suse.com/security/cve/CVE-2020-8908.html",
"https://access.redhat.com/errata/RHSA-2021:4702",
"https://access.redhat.com/errata/RHSA-2021:2210",
"https://access.redhat.com/errata/RHSA-2021:0974",
"https://access.redhat.com/errata/RHSA-2021:0885",
"https://access.redhat.com/errata/RHSA-2021:0874",
"https://access.redhat.com/errata/RHSA-2021:0873",
"https://access.redhat.com/errata/RHSA-2021:0872",
"https://access.redhat.com/errata/RHSA-2021:0417",
"https://advisories.mageia.org/CVE-2020-8908.html",
"https://access.redhat.com/errata/RHSA-2022:1013",
"https://access.redhat.com/errata/RHSA-2022:1029"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-8908"
],
"details": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n",
"id": "GSD-2020-8908",
"modified": "2023-12-13T01:21:54.399748Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2020-8908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Guava",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.0",
"version_value": "32.0"
}
]
}
}
]
},
"vendor_name": "Google LLC"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Jonathan Leitschuh"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-378",
"lang": "eng",
"value": "CWE-378: Creation of Temporary File With Insecure Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/guava/issues/4011",
"refsource": "MISC",
"url": "https://github.com/google/guava/issues/4011"
},
{
"name": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40",
"refsource": "MISC",
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0003/",
"refsource": "MISC",
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,30.0)",
"affected_versions": "All versions before 30.0",
"cvss_v2": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-732",
"CWE-937"
],
"date": "2021-12-10",
"description": "A temp directory creation vulnerability exist in Guava allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava `com.google.common.io.Files.createTempDir()`.` The permissions granted to the directory created default to the standard unix-like `/tmp` ones, leaving the files open.",
"fixed_versions": [
"30.0"
],
"identifier": "CVE-2020-8908",
"identifiers": [
"CVE-2020-8908"
],
"not_impacted": "All versions starting from 30.0",
"package_slug": "maven/com.google.guava/guava",
"pubdate": "2020-12-10",
"solution": "Upgrade to version 30.0 or above.",
"title": "Incorrect Permission Assignment for Critical Resource",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
],
"uuid": "a9478501-d29b-4011-a1d1-ccee593a74e9"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:guava:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "32.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.11.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "19.0",
"versionStartIncluding": "16.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2020-8908"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40"
},
{
"name": "https://github.com/google/guava/issues/4011",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/google/guava/issues/4011"
},
{
"name": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415",
"refsource": "MISC",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220210-0003/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220210-0003/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r007add131977f4f576c232b25e024249a3d16f66aad14a4b52819d21%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc2dbc4633a6eea1fcbce6831876cfa17b73759a98c65326d1896cb1a%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r79e47ed555bdb1180e528420a7a2bb898541367a29a3bc6bbf0baf2c%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd5d58088812cf8e677d99b07f73c654014c524c94e7fedbdee047604%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5b3d93dfdfb7708e796e8762ab40edbde8ff8add48aba53e5ea26f44%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3dd8881de891598d622227e9840dd7c2ef1d08abbb49e9690c7ae1bc%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r58a8775205ab1839dba43054b09a9ab3b25b423a4170b2413c4067ac%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb2364f4cf4d274eab5a7ecfaf64bf575cedf8b0173551997c749d322%40%3Cgitbox.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd7e12d56d49d73e2b8549694974b07561b79b05455f7f781954231bf%40%3Cdev.pig.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r7b0e81d8367264d6cad98766a469d64d11248eb654417809bfdacf09%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r68d86f4b06c808204f62bcb254fcb5b0432528ee8d37a07ef4bc8222%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r841c5e14e1b55281523ebcde661ece00b38a0569e00ef5e12bd5f6ba%40%3Cissues.maven.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd2704306ec729ccac726e50339b8a8f079515cc29ccb77713b16e7c5%40%3Cissues.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re120f6b3d2f8222121080342c5801fdafca2f5188ceeb3b49c8a1d27%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r07ed3e4417ad043a27bee7bb33322e9bfc7d7e6d1719b8e3dfd95c14%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r6874dfe26eefc41b7c9a5e4a0487846fc4accf8c78ff948b24a1104a%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rbc7642b9800249553f13457e46b813bea1aec99d2bc9106510e00ff3%40%3Ctorque-dev.db.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3c3b33ee5bef0c67391d27a97cbfd89d44f328cf072b601b58d4e748%40%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf9f0fa84b8ae1a285f0210bafec6de2a9eba083007d04640b82aa625%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf00b688ffa620c990597f829ff85fdbba8bf73ee7bfb34783e1f0d4e%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5d61b98ceb7bba939a651de5900dbd67be3817db6bfcc41c6e04e199%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r49549a8322f62cd3acfa4490d25bfba0be04f3f9ff4d14fe36199d27%40%3Cyarn-dev.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rcafc3a637d82bdc9a24036b2ddcad1e519dd0e6f848fcc3d606fd78f%40%3Cdev.hive.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2fe45d96eea8434b91592ca08109118f6308d60f6d0e21d52438cfb4%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e%40%3Ccommits.ws.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd01f5ff0164c468ec7abc96ff7646cea3cce6378da2e4aa29c6bcb95%40%3Cgithub.arrow.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/reebbd63c25bc1a946caa419cec2be78079f8449d1af48e52d47c9e85%40%3Cissues.geode.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra7ab308481ee729f998691e8e3e02e93b1dedfc98f6b1cd3d86923b3%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r161b87f8037bbaff400194a63cd2016c9a69f5949f06dcc79beeab54%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r294be9d31c0312d2c0837087204b5d4bf49d0552890e6eec716fa6a6%40%3Cyarn-issues.hadoop.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc607bc52f3507b8b9c28c6a747c3122f51ac24afe80af2a670785b97%40%3Cissues.geode.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
},
"lastModifiedDate": "2023-08-02T17:30Z",
"publishedDate": "2020-12-10T23:15Z"
}
}
}
MSRC_CVE-2020-8908
Vulnerability from csaf_microsoft - Published: 2020-12-02 00:00 - Updated: 2023-04-07 00:00Summary
Temp directory permission issue in Guava
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
CWE-732
- Incorrect Permission Assignment for Critical Resource
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 19191-17086 | — | ||
| Unresolved product id: 19192-17086 | — |
Known affected
2 products
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2020-8908 Temp directory permission issue in Guava - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-8908.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Temp directory permission issue in Guava",
"tracking": {
"current_release_date": "2023-04-07T00:00:00.000Z",
"generator": {
"date": "2025-12-27T20:57:54.561Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2020-8908",
"initial_release_date": "2020-12-02T00:00:00.000Z",
"revision_history": [
{
"date": "2023-04-07T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 guava 25.0-7",
"product": {
"name": "\u003ccbl2 guava 25.0-7",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 guava 25.0-7",
"product": {
"name": "cbl2 guava 25.0-7",
"product_id": "19191"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 guava 25.0-5",
"product": {
"name": "\u003ccbl2 guava 25.0-5",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 guava 25.0-5",
"product": {
"name": "cbl2 guava 25.0-5",
"product_id": "19192"
}
}
],
"category": "product_name",
"name": "guava"
},
{
"category": "product_name",
"name": "azl3 javapackages-bootstrap 1.14.0-3",
"product": {
"name": "azl3 javapackages-bootstrap 1.14.0-3",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 guava 25.0-7 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 guava 25.0-7 as a component of CBL Mariner 2.0",
"product_id": "19191-17086"
},
"product_reference": "19191",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 guava 25.0-5 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 guava 25.0-5 as a component of CBL Mariner 2.0",
"product_id": "19192-17086"
},
"product_reference": "19192",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 javapackages-bootstrap 1.14.0-3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "Google",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19191-17086",
"19192-17086"
],
"known_affected": [
"17086-3",
"17086-2"
],
"known_not_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-8908 Temp directory permission issue in Guava - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2020-8908.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-07T00:00:00.000Z",
"details": "25.0-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2023-04-07T00:00:00.000Z",
"details": "25.0-5:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"17086-3",
"17086-2"
]
}
],
"title": "Temp directory permission issue in Guava"
}
]
}
OPENSUSE-SU-2024:10835-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
guava-30.1.1-1.2 on GA media
Severity
Moderate
Notes
Title of the patch: guava-30.1.1-1.2 on GA media
Description of the patch: These are all security issues fixed in the guava-30.1.1-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10835
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "guava-30.1.1-1.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the guava-30.1.1-1.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10835",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10835-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8908 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8908/"
}
],
"title": "guava-30.1.1-1.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10835-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.aarch64",
"product": {
"name": "guava-30.1.1-1.2.aarch64",
"product_id": "guava-30.1.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.aarch64",
"product": {
"name": "guava-javadoc-30.1.1-1.2.aarch64",
"product_id": "guava-javadoc-30.1.1-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.aarch64",
"product": {
"name": "guava-testlib-30.1.1-1.2.aarch64",
"product_id": "guava-testlib-30.1.1-1.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.ppc64le",
"product": {
"name": "guava-30.1.1-1.2.ppc64le",
"product_id": "guava-30.1.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.ppc64le",
"product": {
"name": "guava-javadoc-30.1.1-1.2.ppc64le",
"product_id": "guava-javadoc-30.1.1-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.ppc64le",
"product": {
"name": "guava-testlib-30.1.1-1.2.ppc64le",
"product_id": "guava-testlib-30.1.1-1.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.s390x",
"product": {
"name": "guava-30.1.1-1.2.s390x",
"product_id": "guava-30.1.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.s390x",
"product": {
"name": "guava-javadoc-30.1.1-1.2.s390x",
"product_id": "guava-javadoc-30.1.1-1.2.s390x"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.s390x",
"product": {
"name": "guava-testlib-30.1.1-1.2.s390x",
"product_id": "guava-testlib-30.1.1-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "guava-30.1.1-1.2.x86_64",
"product": {
"name": "guava-30.1.1-1.2.x86_64",
"product_id": "guava-30.1.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "guava-javadoc-30.1.1-1.2.x86_64",
"product": {
"name": "guava-javadoc-30.1.1-1.2.x86_64",
"product_id": "guava-javadoc-30.1.1-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "guava-testlib-30.1.1-1.2.x86_64",
"product": {
"name": "guava-testlib-30.1.1-1.2.x86_64",
"product_id": "guava-testlib-30.1.1-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64"
},
"product_reference": "guava-30.1.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le"
},
"product_reference": "guava-30.1.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.s390x"
},
"product_reference": "guava-30.1.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-30.1.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64"
},
"product_reference": "guava-30.1.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64"
},
"product_reference": "guava-javadoc-30.1.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le"
},
"product_reference": "guava-javadoc-30.1.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x"
},
"product_reference": "guava-javadoc-30.1.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-javadoc-30.1.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64"
},
"product_reference": "guava-javadoc-30.1.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64"
},
"product_reference": "guava-testlib-30.1.1-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le"
},
"product_reference": "guava-testlib-30.1.1-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x"
},
"product_reference": "guava-testlib-30.1.1-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "guava-testlib-30.1.1-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
},
"product_reference": "guava-testlib-30.1.1-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8908"
}
],
"notes": [
{
"category": "general",
"text": "A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime\u0027s java.io.tmpdir system property to point to a location whose permissions are appropriately configured.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8908",
"url": "https://www.suse.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "SUSE Bug 1179926 for CVE-2020-8908",
"url": "https://bugzilla.suse.com/1179926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:guava-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-javadoc-30.1.1-1.2.x86_64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.aarch64",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.ppc64le",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.s390x",
"openSUSE Tumbleweed:guava-testlib-30.1.1-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8908"
}
]
}
RHSA-2021:0417
Vulnerability from csaf_redhat - Published: 2021-02-04 13:36 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.8.1 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Broker 7.8.1 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.8.1 serves as a replacement for Red Hat AMQ Broker 7.8.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A prototype pollution vulnerability was found in AngularJS. A remote attacker could abuse this flaw by providing malicious input to the merge() function by overriding or adding properties of the Object.prototype, allowing possible injection of code.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "\<option\>" elements in "\<select\>" ones changes parsing behavior, leading to possibly unsanitizing code.
5.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.
4.8 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in AMQ 7 broker, where it allows users using the OpenWire protocol to bypass the usual permissions checks. This flaw allows an unprivileged user to create queues without verifying the role. The highest threat from this vulnerability is to integrity.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ 7.8.1
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
30 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:0417 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/jbossnetwork/restricted… | external |
| https://access.redhat.com/documentation/en-us/red… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1902826 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1906919 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2019-10768 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1813309 | external |
| https://www.cve.org/CVERecord?id=CVE-2019-10768 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2019-10768 | external |
| https://github.com/angular/angular.js/commit/add7… | external |
| https://access.redhat.com/security/cve/CVE-2020-7676 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1849206 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-7676 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-7676 | external |
| https://snyk.io/vuln/SNYK-JS-ANGULAR-570058 | external |
| https://access.redhat.com/security/cve/CVE-2020-8908 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1906919 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-8908 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-8908 | external |
| https://access.redhat.com/security/cve/CVE-2020-27218 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1902826 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-27218 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-27218 | external |
| https://github.com/eclipse/jetty.project/security… | external |
| https://access.redhat.com/security/cve/CVE-2021-26118 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1892384 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-26118 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-26118 | external |
Acknowledgments
Red Hat
Francesco Marchioni
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Broker 7.8.1 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. \n\nThis release of Red Hat AMQ Broker 7.8.1 serves as a replacement for Red Hat AMQ Broker 7.8.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* jetty: buffer not correctly recycled in Gzip Request inflation (CVE-2020-27218)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0417",
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.8.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.8.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq/7.8/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq/7.8/"
},
{
"category": "external",
"summary": "1902826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902826"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0417.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.8.1 release and security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:45+00:00",
"generator": {
"date": "2026-05-14T22:30:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0417",
"initial_release_date": "2021-02-04T13:36:09+00:00",
"revision_history": [
{
"date": "2021-02-04T13:36:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-02-04T13:36:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ 7.8.1",
"product": {
"name": "Red Hat AMQ 7.8.1",
"product_id": "Red Hat AMQ 7.8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_broker:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10768",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1813309"
}
],
"notes": [
{
"category": "description",
"text": "A prototype pollution vulnerability was found in AngularJS. A remote attacker could abuse this flaw by providing malicious input to the merge() function by overriding or adding properties of the Object.prototype, allowing possible injection of code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "AngularJS: Prototype pollution in merge function could result in code injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst servicemesh-grafana, and grafana-container both include a vulnerable version of angular.js (v1.6.6) the impact is lowered due to Grafana not directly implementing the angular.merge function.\n\nQuay does not contain the affected vulnerable code pattern.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10768"
},
{
"category": "external",
"summary": "RHBZ#1813309",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813309"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10768",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10768"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10768",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10768"
},
{
"category": "external",
"summary": "https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3",
"url": "https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3"
}
],
"release_date": "2019-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "AngularJS: Prototype pollution in merge function could result in code injection"
},
{
"cve": "CVE-2020-7676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1849206"
}
],
"notes": [
{
"category": "description",
"text": "A XSS flaw was found in nodejs-angular. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping \"\\\u003coption\\\u003e\" elements in \"\\\u003cselect\\\u003e\" ones changes parsing behavior, leading to possibly unsanitizing code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-angular: XSS due to regex-based HTML replacement",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Quay does not contain the affected component usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7676"
},
{
"category": "external",
"summary": "RHBZ#1849206",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849206"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7676",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7676"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058",
"url": "https://snyk.io/vuln/SNYK-JS-ANGULAR-570058"
}
],
"release_date": "2020-05-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-angular: XSS due to regex-based HTML replacement"
},
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"cve": "CVE-2020-27218",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"discovery_date": "2020-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902826"
}
],
"notes": [
{
"category": "description",
"text": "In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty: buffer not correctly recycled in Gzip Request inflation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of jetty.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27218"
},
{
"category": "external",
"summary": "RHBZ#1902826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902826"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27218"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27218",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27218"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8"
}
],
"release_date": "2020-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty: buffer not correctly recycled in Gzip Request inflation"
},
{
"acknowledgments": [
{
"names": [
"Francesco Marchioni"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2021-26118",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1892384"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in AMQ 7 broker, where it allows users using the OpenWire protocol to bypass the usual permissions checks. This flaw allows an unprivileged user to create queues without verifying the role. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "7: OpenWire can create destinations with an unpriviledged user",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ 7.8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26118"
},
{
"category": "external",
"summary": "RHBZ#1892384",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892384"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26118",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26118"
}
],
"release_date": "2020-10-28T12:25:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-04T13:36:09+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ 7.8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0417"
},
{
"category": "workaround",
"details": "If you are not using the openwire protocol, it can be disabled by removing it from the list of accepted protocols in the `broker.xml`\n```xml\n\u003cacceptor name=\"artemis\"\u003etcp://0.0.0.0:61616?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;amqpMinLargeMessageSize=102400;protocols=CORE,AMQP,STOMP,HORNETQ,MQTT;useEpoll=true;amqpCredits=1000;amqpLowCredits=300;amqpDuplicateDetection=true\u003c/acceptor\u003e\n```",
"product_ids": [
"Red Hat AMQ 7.8.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ 7.8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "7: OpenWire can create destinations with an unpriviledged user"
}
]
}
RHSA-2021:0872
Vulnerability from csaf_redhat - Published: 2021-03-16 13:41 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Severity
Moderate
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.
4.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
52 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:0872 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/documentation/en-us/red… | external |
| https://access.redhat.com/documentation/en-us/red… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1905796 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1906919 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1912881 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1923133 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1929479 | external |
| https://issues.redhat.com/browse/JBEAP-20336 | external |
| https://issues.redhat.com/browse/JBEAP-20628 | external |
| https://issues.redhat.com/browse/JBEAP-20672 | external |
| https://issues.redhat.com/browse/JBEAP-20694 | external |
| https://issues.redhat.com/browse/JBEAP-20695 | external |
| https://issues.redhat.com/browse/JBEAP-20715 | external |
| https://issues.redhat.com/browse/JBEAP-20762 | external |
| https://issues.redhat.com/browse/JBEAP-20791 | external |
| https://issues.redhat.com/browse/JBEAP-20795 | external |
| https://issues.redhat.com/browse/JBEAP-20802 | external |
| https://issues.redhat.com/browse/JBEAP-20805 | external |
| https://issues.redhat.com/browse/JBEAP-20815 | external |
| https://issues.redhat.com/browse/JBEAP-20816 | external |
| https://issues.redhat.com/browse/JBEAP-20883 | external |
| https://issues.redhat.com/browse/JBEAP-20887 | external |
| https://issues.redhat.com/browse/JBEAP-20908 | external |
| https://issues.redhat.com/browse/JBEAP-20918 | external |
| https://issues.redhat.com/browse/JBEAP-20941 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2020-8908 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1906919 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-8908 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-8908 | external |
| https://access.redhat.com/security/cve/CVE-2020-10687 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1785049 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-10687 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-10687 | external |
| https://access.redhat.com/security/cve/CVE-2020-28052 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1912881 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-28052 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-28052 | external |
| https://access.redhat.com/security/cve/CVE-2020-35510 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1905796 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-35510 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-35510 | external |
| https://access.redhat.com/security/cve/CVE-2021-20220 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1923133 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-20220 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-20220 | external |
| https://access.redhat.com/security/cve/CVE-2021-20250 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1929479 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-20250 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-20250 | external |
Acknowledgments
Red Hat
Aaron Ogburn
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0872",
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "JBEAP-20336",
"url": "https://issues.redhat.com/browse/JBEAP-20336"
},
{
"category": "external",
"summary": "JBEAP-20628",
"url": "https://issues.redhat.com/browse/JBEAP-20628"
},
{
"category": "external",
"summary": "JBEAP-20672",
"url": "https://issues.redhat.com/browse/JBEAP-20672"
},
{
"category": "external",
"summary": "JBEAP-20694",
"url": "https://issues.redhat.com/browse/JBEAP-20694"
},
{
"category": "external",
"summary": "JBEAP-20695",
"url": "https://issues.redhat.com/browse/JBEAP-20695"
},
{
"category": "external",
"summary": "JBEAP-20715",
"url": "https://issues.redhat.com/browse/JBEAP-20715"
},
{
"category": "external",
"summary": "JBEAP-20762",
"url": "https://issues.redhat.com/browse/JBEAP-20762"
},
{
"category": "external",
"summary": "JBEAP-20791",
"url": "https://issues.redhat.com/browse/JBEAP-20791"
},
{
"category": "external",
"summary": "JBEAP-20795",
"url": "https://issues.redhat.com/browse/JBEAP-20795"
},
{
"category": "external",
"summary": "JBEAP-20802",
"url": "https://issues.redhat.com/browse/JBEAP-20802"
},
{
"category": "external",
"summary": "JBEAP-20805",
"url": "https://issues.redhat.com/browse/JBEAP-20805"
},
{
"category": "external",
"summary": "JBEAP-20815",
"url": "https://issues.redhat.com/browse/JBEAP-20815"
},
{
"category": "external",
"summary": "JBEAP-20816",
"url": "https://issues.redhat.com/browse/JBEAP-20816"
},
{
"category": "external",
"summary": "JBEAP-20883",
"url": "https://issues.redhat.com/browse/JBEAP-20883"
},
{
"category": "external",
"summary": "JBEAP-20887",
"url": "https://issues.redhat.com/browse/JBEAP-20887"
},
{
"category": "external",
"summary": "JBEAP-20908",
"url": "https://issues.redhat.com/browse/JBEAP-20908"
},
{
"category": "external",
"summary": "JBEAP-20918",
"url": "https://issues.redhat.com/browse/JBEAP-20918"
},
{
"category": "external",
"summary": "JBEAP-20941",
"url": "https://issues.redhat.com/browse/JBEAP-20941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0872.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:43+00:00",
"generator": {
"date": "2026-05-14T22:30:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0872",
"initial_release_date": "2021-03-16T13:41:30+00:00",
"revision_history": [
{
"date": "2021-03-16T13:41:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-16T13:41:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.25-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-5.Final_redhat_00006.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-9.redhat_00019.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.6-1.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.6-1.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@30.1.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:41:30+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
}
]
}
RHSA-2021:0873
Vulnerability from csaf_redhat - Published: 2021-03-16 13:37 - Updated: 2026-05-14 22:30Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update
Severity
Moderate
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)
* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.
CWE-379 - Creation of Temporary File in Directory with Insecure PermissionsAffected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.
4.8 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
4.8 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
4.3 (Medium)
Affected products
Fixed
98 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
52 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:0873 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/documentation/en-us/red… | external |
| https://access.redhat.com/documentation/en-us/red… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1905796 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1906919 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1912881 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1923133 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1929479 | external |
| https://issues.redhat.com/browse/JBEAP-20336 | external |
| https://issues.redhat.com/browse/JBEAP-20628 | external |
| https://issues.redhat.com/browse/JBEAP-20672 | external |
| https://issues.redhat.com/browse/JBEAP-20694 | external |
| https://issues.redhat.com/browse/JBEAP-20695 | external |
| https://issues.redhat.com/browse/JBEAP-20716 | external |
| https://issues.redhat.com/browse/JBEAP-20762 | external |
| https://issues.redhat.com/browse/JBEAP-20791 | external |
| https://issues.redhat.com/browse/JBEAP-20795 | external |
| https://issues.redhat.com/browse/JBEAP-20802 | external |
| https://issues.redhat.com/browse/JBEAP-20805 | external |
| https://issues.redhat.com/browse/JBEAP-20815 | external |
| https://issues.redhat.com/browse/JBEAP-20816 | external |
| https://issues.redhat.com/browse/JBEAP-20883 | external |
| https://issues.redhat.com/browse/JBEAP-20887 | external |
| https://issues.redhat.com/browse/JBEAP-20908 | external |
| https://issues.redhat.com/browse/JBEAP-20918 | external |
| https://issues.redhat.com/browse/JBEAP-20941 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2020-8908 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1906919 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-8908 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-8908 | external |
| https://access.redhat.com/security/cve/CVE-2020-10687 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1785049 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-10687 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-10687 | external |
| https://access.redhat.com/security/cve/CVE-2020-28052 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1912881 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-28052 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-28052 | external |
| https://access.redhat.com/security/cve/CVE-2020-35510 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1905796 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-35510 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-35510 | external |
| https://access.redhat.com/security/cve/CVE-2021-20220 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1923133 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-20220 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-20220 | external |
| https://access.redhat.com/security/cve/CVE-2021-20250 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1929479 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-20250 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-20250 | external |
Acknowledgments
Red Hat
Aaron Ogburn
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510)\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052)\n\n* wildfly-undertow: undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)\n\n* jboss-ejb-client: wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250)\n\n* guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0873",
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "JBEAP-20336",
"url": "https://issues.redhat.com/browse/JBEAP-20336"
},
{
"category": "external",
"summary": "JBEAP-20628",
"url": "https://issues.redhat.com/browse/JBEAP-20628"
},
{
"category": "external",
"summary": "JBEAP-20672",
"url": "https://issues.redhat.com/browse/JBEAP-20672"
},
{
"category": "external",
"summary": "JBEAP-20694",
"url": "https://issues.redhat.com/browse/JBEAP-20694"
},
{
"category": "external",
"summary": "JBEAP-20695",
"url": "https://issues.redhat.com/browse/JBEAP-20695"
},
{
"category": "external",
"summary": "JBEAP-20716",
"url": "https://issues.redhat.com/browse/JBEAP-20716"
},
{
"category": "external",
"summary": "JBEAP-20762",
"url": "https://issues.redhat.com/browse/JBEAP-20762"
},
{
"category": "external",
"summary": "JBEAP-20791",
"url": "https://issues.redhat.com/browse/JBEAP-20791"
},
{
"category": "external",
"summary": "JBEAP-20795",
"url": "https://issues.redhat.com/browse/JBEAP-20795"
},
{
"category": "external",
"summary": "JBEAP-20802",
"url": "https://issues.redhat.com/browse/JBEAP-20802"
},
{
"category": "external",
"summary": "JBEAP-20805",
"url": "https://issues.redhat.com/browse/JBEAP-20805"
},
{
"category": "external",
"summary": "JBEAP-20815",
"url": "https://issues.redhat.com/browse/JBEAP-20815"
},
{
"category": "external",
"summary": "JBEAP-20816",
"url": "https://issues.redhat.com/browse/JBEAP-20816"
},
{
"category": "external",
"summary": "JBEAP-20883",
"url": "https://issues.redhat.com/browse/JBEAP-20883"
},
{
"category": "external",
"summary": "JBEAP-20887",
"url": "https://issues.redhat.com/browse/JBEAP-20887"
},
{
"category": "external",
"summary": "JBEAP-20908",
"url": "https://issues.redhat.com/browse/JBEAP-20908"
},
{
"category": "external",
"summary": "JBEAP-20918",
"url": "https://issues.redhat.com/browse/JBEAP-20918"
},
{
"category": "external",
"summary": "JBEAP-20941",
"url": "https://issues.redhat.com/browse/JBEAP-20941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0873.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update",
"tracking": {
"current_release_date": "2026-05-14T22:30:44+00:00",
"generator": {
"date": "2026-05-14T22:30:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0873",
"initial_release_date": "2021-03-16T13:37:13+00:00",
"revision_history": [
{
"date": "2021-03-16T13:37:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-16T13:37:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:30:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-failureaccess@1.0.1-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.25-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.20-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.34-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.9.0-9.redhat_00019.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-5.Final_redhat_00006.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.39-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava@30.1.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-guava-libraries@30.1.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.6-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8908",
"cwe": {
"id": "CWE-379",
"name": "Creation of Temporary File in Directory with Insecure Permissions"
},
"discovery_date": "2020-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1906919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Guava that creates temporary directories with default permissions similar to /tmp. This issue may allow local users access, possibly permitting information exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: local information disclosure via temporary directory created with unsafe permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8908"
},
{
"category": "external",
"summary": "RHBZ#1906919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8908"
}
],
"release_date": "2020-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "guava: local information disclosure via temporary directory created with unsafe permissions"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"cve": "CVE-2020-28052",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-01-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1912881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28052"
},
{
"category": "external",
"summary": "RHBZ#1912881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28052"
}
],
"release_date": "2020-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
},
{
"category": "workaround",
"details": "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible"
},
{
"cve": "CVE-2020-35510",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1905796"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jboss-remoting. A malicious attacker could cause threads to hold up forever in the EJB server by writing a sequence of bytes corresponding to the expected messages of a successful EJB client request, but omitting the ACK messages, or just tamper with jboss-remoting code, deleting the lines that send the ACK message from the EJB client code resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35510"
},
{
"category": "external",
"summary": "RHBZ#1905796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905796"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35510"
}
],
"release_date": "2020-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client"
},
{
"cve": "CVE-2021-20220",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1923133"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Possible regression in fix for CVE-2020-10687",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20220"
},
{
"category": "external",
"summary": "RHBZ#1923133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20220"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20220"
}
],
"release_date": "2021-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Possible regression in fix for CVE-2020-10687"
},
{
"cve": "CVE-2021-20250",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1929479"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20250"
},
{
"category": "external",
"summary": "RHBZ#1929479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20250"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-16T13:37:13+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0873"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-0:2.9.0-9.redhat_00019.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-activemq-artemis-cli-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-commons-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-core-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-dto-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hornetq-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-hqclient-protocol-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jdbc-store-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-client-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-jms-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-journal-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-ra-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-selector-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-server-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-service-extensions-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-activemq-artemis-tools-0:2.9.0-9.redhat_00019.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-0:1.68.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-failureaccess-0:1.0.1-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-guava-libraries-0:30.1.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.39-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-remoting-0:5.0.20-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-5.Final_redhat_00006.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-5.Final_redhat_00006.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-0:5.9.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-narayana-compensations-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbosstxbridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jbossxts-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-idlj-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-jts-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-api-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-bridge-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-integration-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-restat-util-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-narayana-txframework-0:5.9.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.34-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.6-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.25-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.6-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.14-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…